Advantech iView SQL Injection Vulnerability (CNVD-2025-31061)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter...

Advantech iView SQL Injection Vulnerability (CNVD-2025-31062)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that originates from an authentication bypass in the getInventoryReportData parameter of the...

CVE-2022-50594

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘data’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitati...

CVE-2022-50595

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpsearchvalue’ parameter to the ‘NetworkServlet’ endpoint. Successful...

CVE-2022-50595

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpsearchvalue’ parameter to the ‘NetworkServlet’ endpoint. Successful...

CVE-2022-50592

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘getInventoryReportData’ parameter to the ‘NetworkServlet’ endpoint...

CVE-2022-50594

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘data’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitati...

CVE-2022-50591

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpconfigid’ parameter to the ‘NetworkServlet’ endpoint. Successful...

CVE-2022-50594

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘data’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitati...

CVE-2022-50591 Advantech iView < v5.7.04 Build 6425 ztp_config_id Parameter SQL Injection Information Disclosure

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpconfigid’ parameter to the ‘NetworkServlet’ endpoint. Successful...

CVE-2022-50593 Advantech iView < v5.7.04 Build 6425 search_term Parameter SQL Injection RCE

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘searchterm’ parameter to the ‘NetworkServlet’ endpoint. Successful...

CVE-2022-50592 Advantech iView < v5.7.04 Build 6425 getInventoryReportData Parameter SQL Injection RCE

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘getInventoryReportData’ parameter to the ‘NetworkServlet’ endpoint...

CVE-2022-50594 Advantech iView < v5.7.04 Build 6425 data Parameter SQL Injection Information Disclosure

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘data’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitati...

CVE-2022-50594

Advantech iView is affected: versions prior to v5.7.04 build 6425. The issue arises from a lack of validation in the data parameter of the NetworkServlet endpoint, enabling a SQL injection via the SNMP management tool. Remote attackers can bypass authentication and exploit this to disclose data, ...

CVE-2022-50594 Advantech iView < v5.7.04 Build 6425 data Parameter SQL Injection Information Disclosure

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘data’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitati...

PT-2025-45367

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘getInventoryReportData’ parameter to the ‘NetworkServlet’ endpoint...

PT-2025-45369

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘data’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitati...

PT-2025-45366

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztp config id’ parameter to the ‘NetworkServlet’ endpoint. Successful...

Vulnerability of the NetworkServlet.restoreDatabase() function in the system for centrally managing network devices and ports of the Advantech iView, allowing a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NetworkServlet.restoreDatabase function in the system for centrally managing network devices and ports of the Advantech iView platform is related to the implementation or modification of arguments. Exploiting this vulnerability could allow an attacker to gain unauthorized...

The vulnerability of the NetworkServlet.backupDatabase() function in the system for centrally managing network devices and ports of the Advantech iView platform allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NetworkServlet.backupDatabase function in the system for centrally managing network devices and ports of the Advantech iView family is related to the implementation or modification of arguments. Exploiting this vulnerability could allow an attacker to gain unauthorized...