Lucene search
K

29 matches found

bdu_fstec
bdu_fstec
added 2025/07/24 12:0 a.m.9 views

The vulnerability of the NetworkServlet.processImportRequest() function in the system for centrally managing network devices and ports of the Advantech iView platform allows a hacker to disclose protected information.

The vulnerability of the NetworkServlet.processImportRequest function in the system for centrally managing network devices and ports of the Advantech iView platform is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a maliciou...

4.3CVSS5.5AI score0.03317EPSS
Exploits0References3
osv
osv
added 2025/07/11 12:15 a.m.4 views

CVE-2025-53475

A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage. This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowin...

8.7CVSS6.5AI score0.0428EPSS
Exploits0References2
nvd
nvd
added 2025/07/11 12:15 a.m.7 views

CVE-2025-46704

A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest that could allow for a directory traversal attack. This issue requires an authenticated attacker with at least user-level privileges. A specific parameter is not properly sanitized or normalized, potentially allowing...

5.3CVSS0.03317EPSS
Exploits0References2
cve
cve
added 2025/07/10 11:28 p.m.22 views

CVE-2025-52459

Advantech iView contains a vulnerability in the NetworkServlet.backupDatabase() function where certain parameters can be injected into commands due to improper sanitization. An authenticated attacker with user-level privileges could inject arbitrary arguments, potentially leading to information d...

7.1CVSS6.3AI score0.00282EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/07/10 11:23 p.m.3 views

CVE-2025-53475 Advantech iView SQL Injection

A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage. This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowin...

8.8CVSS8.7AI score0.0428EPSS
Exploits0References2
cve
cve
added 2025/07/10 11:23 p.m.30 views

CVE-2025-53475

CVE-2025-53475 – Advantech iView SQL Injection . A vulnerability exists in Advantech iView where the parameter handling in NetworkServlet.getNextTrapPage() is not properly sanitized, enabling authenticated, low-privilege attackers to perform SQL injection and potentially achieve remote code execu...

8.8CVSS8AI score0.0428EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2025/07/10 12:0 a.m.6 views

Advantech iView SQL注入漏洞

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. An SQL injection vulnerability exists in the Advantech iView NetworkServlet.archiveTrap function. An attacker can exploit this vulnerability to perform SQL injection and execu...

8.8CVSS7.9AI score0.005EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2025/06/13 12:0 a.m.9 views

PT-2025-29186 · Advantech · Advantech Iview

Name of the Vulnerable Software and Affected Versions: Advantech iView affected versions not specified Description: A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution. The issue resides in the NetworkServlet.getNextTrapPage function, where certa...

9CVSS7.5AI score0.0428EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2025/06/13 12:0 a.m.5 views

PT-2025-29183 · Advantech · Advantech Iview

Name of the Vulnerable Software and Affected Versions: Advantech iView affected versions not specified Description: A vulnerability exists in Advantech iView that allows for argument injection in the NetworkServlet.backupDatabase function. An authenticated attacker with user-level privileges can...

7.1CVSS6.5AI score0.00282EPSS
Exploits0References6
Rows per page
Query Builder