Advantech iView SQL Injection Vulnerability (CNVD-2025-31065)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the ztpsearchvalue...

Advantech iView SQL Injection Vulnerability (CNVD-2025-31064)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that originates from an authentication bypass of the ztpconfigid parameter of the NetworkServlet...

CVE-2022-50591

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpconfigid’ parameter to the ‘NetworkServlet’ endpoint. Successful...

CVE-2022-50591

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpconfigid’ parameter to the ‘NetworkServlet’ endpoint. Successful...

CVE-2022-50591

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpconfigid’ parameter to the ‘NetworkServlet’ endpoint. Successful...

CVE-2022-50595

Advantech iView prior to v5.7.04 build 6425 is affected. The SNMP management tool exposes a SQL injection in the ztp_search_value parameter of the NetworkServlet, enabling remote attackers to bypass authentication and achieve remote code execution with administrator privileges. Root cause cited a...

CVE-2022-50595 Advantech iView < v5.7.04 Build 6425 ztp_search_value Parameter SQL Injection RCE

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpsearchvalue’ parameter to the ‘NetworkServlet’ endpoint. Successful...

CVE-2022-50591 Advantech iView < v5.7.04 Build 6425 ztp_config_id Parameter SQL Injection Information Disclosure

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpconfigid’ parameter to the ‘NetworkServlet’ endpoint. Successful...

CVE-2022-50591 Advantech iView < v5.7.04 Build 6425 ztp_config_id Parameter SQL Injection Information Disclosure

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpconfigid’ parameter to the ‘NetworkServlet’ endpoint. Successful...

CVE-2022-50591

Advantech iView prior to version v5.7.04 build 6425 contains a vulnerability in the SNMP management tool that lets remote attackers bypass authentication and perform a SQL injection in the ztp_config_id parameter of the NetworkServlet endpoint. Successful exploitation can lead to exfiltration of ...

PT-2025-45366

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztp config id’ parameter to the ‘NetworkServlet’ endpoint. Successful...

PT-2025-45370

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztp search value’ parameter to the ‘NetworkServlet’ endpoint. Successfu...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19 ztp-site-generate container

An update for ztp-site-generate is available for Red Hat OpenShift Container Platform 4.19. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ztp-site-generate...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12 ztp-site-generate container

An update for ztp-site-generate is available for Red Hat OpenShift Container Platform 4.12. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ztp-site-generate...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18 ztp-site-generate container

An update for ztp-site-generate is available for Red Hat OpenShift Container Platform 4.18. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ztp-site-generate...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17 ztp-site-generate container

An update for ztp-site-generate is available for Red Hat OpenShift Container Platform 4.17. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ztp-site-generate...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16 ztp-site-generate container

An update for ztp-site-generate is available for Red Hat OpenShift Container Platform 4.16. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ztp-site-generate...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14 ztp-site-generate container

An update for ztp-site-generate is available for Red Hat OpenShift Container Platform 4.14. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ztp-site-generate...

CVE-2023-35139

A cross-site scripting XSS vulnerability in the CGI program of the Zyxel ATP series firmware versions 5.10 through 5.37, USG FLEX series firmware versions 5.00 through 5.37, USG FLEX 50W series firmware versions 5.10 through 5.37, USG20W-VPN series firmware versions 5.10 through 5.37, and VPN...

Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping

Multiple security vulnerabilities have been disclosed in AudioCodes desk phones and Zoom's Zero Touch Provisioning ZTP that could be potentially exploited by a malicious attacker to conduct remote attacks. "An external attacker who leverages the vulnerabilities discovered in AudioCodes Ltd.'s des...