CVE-2021-22652

Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution...

CVE-2021-22656

Advantech iView versions prior to v5.7.03.6112 are vulnerable to directory traversal, which may allow an attacker to read sensitive files...

CVE-2021-22658

Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an attacker to escalate privileges to 'Administrator'...

Advantech iView SQL Injection Vulnerability

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that stems from improper SNMP v1 trap request cleanup, which can be exploited by attackers to obta...

CVE-2025-13373

Advantech iView versions 5.7.05.7057 and prior do not properly sanitize SNMP v1 trap Port 162 requests, which could allow an attacker to inject SQL commands...

CVE-2025-13373

Advantech iView versions 5.7.05.7057 and prior do not properly sanitize SNMP v1 trap Port 162 requests, which could allow an attacker to inject SQL commands...

CVE-2025-13373 Advantech iView SQL Injection

Advantech iView versions 5.7.05.7057 and prior do not properly sanitize SNMP v1 trap Port 162 requests, which could allow an attacker to inject SQL commands...

CVE-2025-13373 Advantech iView SQL Injection

Advantech iView versions 5.7.05.7057 and prior do not properly sanitize SNMP v1 trap Port 162 requests, which could allow an attacker to inject SQL commands...

CVE-2025-13373

Advantech iView is affected by a SQL injection vulnerability (CVE-2025-13373) in SNMP v1 trap handling. Affected versions are 5.7.05.7057 and earlier. The root cause is improper sanitization/cleanup of SNMP v1 trap requests received on UDP port 162, which can allow an attacker to inject arbitrary...

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-338-01 Mitsubishi Electric GX Works2 ICSA-25-338-02 MAXHUB Pivot ICSA-25-338-03 Johnson Controls OpenBlue...

Advantech iView

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information, modify, or delete data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

Advantech iView SQL注入漏洞

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that stems from improper SNMP v1 trap request cleanup, which can be exploited by attackers to obta...

PT-2025-49175

Name of the Vulnerable Software and Affected Versions Advantech iView versions 5.7.05.7057 and prior Description Advantech iView does not properly sanitize SNMP v1 trap Port 162 requests, potentially allowing an attacker to inject SQL commands. The vulnerability exists due to insufficient input...

Advantech iView SQL Injection Vulnerability (CNVD-2025-31065)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the ztpsearchvalue...

Advantech iView SQL Injection Vulnerability (CNVD-2025-31061)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter...

Advantech iView SQL Injection Vulnerability (CNVD-2025-31062)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that originates from an authentication bypass in the getInventoryReportData parameter of the...

Advantech iView SQL Injection Vulnerability (CNVD-2025-31063)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the searchterm...

CVE-2022-50591

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpconfigid’ parameter to the ‘NetworkServlet’ endpoint. Successful...

CVE-2022-50594

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘data’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitati...

CVE-2022-50592

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘getInventoryReportData’ parameter to the ‘NetworkServlet’ endpoint...