2 matches found
Advantech iView SQL Injection (CVE-2022-2135)
A SQL injection vulnerability exists for Advantech iView. This vulnerability is due to improper input validation for the segment parameter in the findCfgDeviceList process...
Advantech iView findCfgDeviceList segment SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetworkServlet endpoint, which listens on TCP port 8080 by default. When parsing the...