Lucene search
K

4 matches found

CNVD
CNVD
added 2025/11/11 12:0 a.m.5 views

Advantech iView SQL Injection Vulnerability (CNVD-2025-31065)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the ztpsearchvalue...

9.3CVSS8.8AI score0.00638EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/06 7:58 p.m.4 views

CVE-2022-50595 Advantech iView < v5.7.04 Build 6425 ztp_search_value Parameter SQL Injection RCE

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpsearchvalue’ parameter to the ‘NetworkServlet’ endpoint. Successful...

9.3CVSS8.8AI score0.00638EPSS
Exploits0References3
CVE
CVE
added 2025/11/06 7:58 p.m.17 views

CVE-2022-50595

Advantech iView prior to v5.7.04 build 6425 is affected. The SNMP management tool exposes a SQL injection in the ztp_search_value parameter of the NetworkServlet, enabling remote attackers to bypass authentication and achieve remote code execution with administrator privileges. Root cause cited a...

9.3CVSS8.8AI score0.00638EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.6 views

PT-2025-45370

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztp search value’ parameter to the ‘NetworkServlet’ endpoint. Successfu...

9.3CVSS9.2AI score0.00638EPSS
Exploits0References4
Rows per page
Query Builder