Advantech

Iview

33 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2025-53509

  • EPSS 0.04%
  • Veröffentlicht 10.07.2025 23:29:10
  • Zuletzt bearbeitet 01.08.2025 19:16:23

A vulnerability exists in Advantech iView that allows for argument injection in the NetworkServlet.restoreDatabase(). This issue requires an authenticated attacker with at least user-level privileges. An input parameter can be used directly in a c...

7.1

CVE-2025-52459

  • EPSS 0.05%
  • Veröffentlicht 10.07.2025 23:28:08
  • Zuletzt bearbeitet 15.07.2025 13:14:49

A vulnerability exists in Advantech iView that allows for argument injection in NetworkServlet.backupDatabase(). This issue requires an authenticated attacker with at least user-level privileges. Certain parameters can be used directly in a comman...

8.8

CVE-2025-53515

  • EPSS 0.19%
  • Veröffentlicht 10.07.2025 23:25:51
  • Zuletzt bearbeitet 01.08.2025 19:13:59

A vulnerability exists in Advantech iView that allows for SQL injection and remote code execution through NetworkServlet.archiveTrap(). This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are...

8.8

CVE-2025-52577

  • EPSS 0.19%
  • Veröffentlicht 10.07.2025 23:24:42
  • Zuletzt bearbeitet 23.07.2025 19:20:13

A vulnerability exists in Advantech iView that could allow SQL injection and remote code execution through NetworkServlet.archiveTrapRange(). This issue requires an authenticated attacker with at least user-level privileges. Certain input paramete...

8.8

CVE-2025-53475

  • EPSS 0.19%
  • Veröffentlicht 10.07.2025 23:23:38
  • Zuletzt bearbeitet 23.07.2025 19:19:37

A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage(). This issue requires an authenticated attacker with at least user-level privileges. Certain parameters ...

5.3

CVE-2025-46704

  • EPSS 0.05%
  • Veröffentlicht 10.07.2025 23:19:32
  • Zuletzt bearbeitet 23.07.2025 19:20:26

A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest() that could allow for a directory traversal attack. This issue requires an authenticated attacker with at least user-level privileges. A specific parameter is not pr...

7.6

CVE-2025-48891

  • EPSS 0.06%
  • Veröffentlicht 10.07.2025 23:17:45
  • Zuletzt bearbeitet 23.07.2025 19:20:18

A vulnerability exists in Advantech iView that could allow for SQL injection through the CUtils.checkSQLInjection() function. This vulnerability can be exploited by an authenticated attacker with at least user-level privileges, potentially leading...

5.4

CVE-2025-41442

  • EPSS 0.04%
  • Veröffentlicht 10.07.2025 23:15:27
  • Zuletzt bearbeitet 23.07.2025 19:20:42

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By manipulating certain input parameters, an attacker could execute unauthorized scripts in the user's ...

5.4

CVE-2025-53519

  • EPSS 0.04%
  • Veröffentlicht 10.07.2025 23:14:37
  • Zuletzt bearbeitet 23.07.2025 19:19:55

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By manipulating specific parameters, an attacker could execute unauthorized scripts in the user's brows...

6.1

CVE-2025-53397

  • EPSS 0.04%
  • Veröffentlicht 10.07.2025 23:13:27
  • Zuletzt bearbeitet 01.08.2025 19:19:25

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By exploiting this flaw, an attacker could execute unauthorized scripts in the user's browser, potentia...