Lucene search
+L

29 matches found

BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.10 views

Vulnerability of the NetworkServlet.archiveTrap() function in the system for centrally managing network devices and ports of Advantech iView. This vulnerability allows a hacker to execute arbitrary code.

The vulnerability of the NetworkServlet.archiveTrap function in the system for managing network devices and ports of Advantech iView is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

9CVSS6.1AI score0.005EPSS
Exploits0References4
OSV
OSV
added 2025/07/11 12:15 a.m.6 views

CVE-2025-53475

A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage. This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowin...

8.7CVSS6.5AI score0.0428EPSS
Exploits0References2
NVD
NVD
added 2025/07/11 12:15 a.m.7 views

CVE-2025-46704

A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest that could allow for a directory traversal attack. This issue requires an authenticated attacker with at least user-level privileges. A specific parameter is not properly sanitized or normalized, potentially allowing...

5.3CVSS0.03317EPSS
Exploits0References2
CVE
CVE
added 2025/07/10 11:28 p.m.24 views

CVE-2025-52459

Advantech iView contains a vulnerability in the NetworkServlet.backupDatabase() function where certain parameters can be injected into commands due to improper sanitization. An authenticated attacker with user-level privileges could inject arbitrary arguments, potentially leading to information d...

7.1CVSS6.3AI score0.00282EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/10 11:23 p.m.3 views

CVE-2025-53475 Advantech iView SQL Injection

A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage. This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowin...

8.8CVSS8.7AI score0.0428EPSS
Exploits0References2
CVE
CVE
added 2025/07/10 11:23 p.m.34 views

CVE-2025-53475

CVE-2025-53475 – Advantech iView SQL Injection . A vulnerability exists in Advantech iView where the parameter handling in NetworkServlet.getNextTrapPage() is not properly sanitized, enabling authenticated, low-privilege attackers to perform SQL injection and potentially achieve remote code execu...

8.8CVSS8AI score0.0428EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/07/10 12:0 a.m.7 views

Advantech iView SQL注入漏洞

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. An SQL injection vulnerability exists in the Advantech iView NetworkServlet.archiveTrap function. An attacker can exploit this vulnerability to perform SQL injection and execu...

8.8CVSS7.9AI score0.005EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/06/13 12:0 a.m.9 views

PT-2025-29186 · Advantech · Advantech Iview

Name of the Vulnerable Software and Affected Versions: Advantech iView affected versions not specified Description: A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution. The issue resides in the NetworkServlet.getNextTrapPage function, where certa...

9CVSS7.5AI score0.0428EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/06/13 12:0 a.m.5 views

PT-2025-29183 · Advantech · Advantech Iview

Name of the Vulnerable Software and Affected Versions: Advantech iView affected versions not specified Description: A vulnerability exists in Advantech iView that allows for argument injection in the NetworkServlet.backupDatabase function. An authenticated attacker with user-level privileges can...

7.1CVSS6.5AI score0.00282EPSS
Exploits0References6
Rows per page
Query Builder