29 matches found
The vulnerability of the NetworkServlet.processImportRequest() function in the system for centrally managing network devices and ports of the Advantech iView platform allows a hacker to disclose protected information.
The vulnerability of the NetworkServlet.processImportRequest function in the system for centrally managing network devices and ports of the Advantech iView platform is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a maliciou...
CVE-2025-53475
A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage. This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowin...
CVE-2025-46704
A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest that could allow for a directory traversal attack. This issue requires an authenticated attacker with at least user-level privileges. A specific parameter is not properly sanitized or normalized, potentially allowing...
CVE-2025-52459
Advantech iView contains a vulnerability in the NetworkServlet.backupDatabase() function where certain parameters can be injected into commands due to improper sanitization. An authenticated attacker with user-level privileges could inject arbitrary arguments, potentially leading to information d...
CVE-2025-53475 Advantech iView SQL Injection
A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage. This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowin...
CVE-2025-53475
CVE-2025-53475 – Advantech iView SQL Injection . A vulnerability exists in Advantech iView where the parameter handling in NetworkServlet.getNextTrapPage() is not properly sanitized, enabling authenticated, low-privilege attackers to perform SQL injection and potentially achieve remote code execu...
Advantech iView SQL注入漏洞
Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. An SQL injection vulnerability exists in the Advantech iView NetworkServlet.archiveTrap function. An attacker can exploit this vulnerability to perform SQL injection and execu...
PT-2025-29186 · Advantech · Advantech Iview
Name of the Vulnerable Software and Affected Versions: Advantech iView affected versions not specified Description: A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution. The issue resides in the NetworkServlet.getNextTrapPage function, where certa...
PT-2025-29183 · Advantech · Advantech Iview
Name of the Vulnerable Software and Affected Versions: Advantech iView affected versions not specified Description: A vulnerability exists in Advantech iView that allows for argument injection in the NetworkServlet.backupDatabase function. An authenticated attacker with user-level privileges can...