Latest advantech iview Vulnerabilities

CVE-2023-3983
An authenticated SQL injection vulnerability exists in Advantech iView versions prior to v5.7.4 build 6752. An authenticated remote attacker can bypass checks in com.imc.iview.utils.CUtils.checkSQLInj...
Advantech iView<5.7.4.6752
CVE-2022-3323
An SQL injection vulnerability in Advantech iView 5.7.04.6469. The specific flaw exists within the ConfigurationServlet endpoint, which listens on TCP port 8080 by default. An unauthenticated remote a...
Advantech iView=5.7.04.6469
CVE-2022-2143
The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code.
Advantech iView<5.7.04.6469
CVE-2022-2139
Advantech iView<5.7.04.6469
CVE-2022-2142
Advantech iView<5.7.04.6469
CVE-2022-2137
Advantech iView<5.7.04.6469
CVE-2022-2136
The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information.
Advantech iView<5.7.04.6469
CVE-2022-2135
The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information.
Advantech iView<5.7.04.6469
CVE-2022-2138
The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition.
Advantech iView<5.7.04.6469
CVE-2021-32932
The affected product is vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information on the iView (versions prior to v5.7.03.6182).
Advantech iView<5.7.03.6182
CVE-2021-32930
Advantech iView<5.7.03.6182
CVE-2021-22656
Advantech iView CommandServlet Directory Traversal Information Disclosure Vulnerability
Advantech iView
Advantech iView<5.7.03.6112
CVE-2021-22652
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution.
Advantech iView<5.7.03.6112
CVE-2021-22658
Advantech iView UserServlet SQL Injection Privilege Escalation Vulnerability
Advantech iView
Advantech iView<5.7.03.6112
CVE-2020-16245
Advantech iView NetworkServlet findSummaryCfgDeviceListExport Directory Traversal Remote Code Execution Vulnerability
Advantech iView
Advantech iView<=5.7
CVE-2020-14499
Advantech iView UserServlet getAllUsersAccountInfo Improper Access Control Information Disclosure Vulnerability
Advantech iView
Advantech iView<=5.6
CVE-2020-14503
Advantech iView NetworkServlet Improper Input Validation Remote Code Execution Vulnerability
Advantech iView
Advantech iView<=5.6
CVE-2020-14501
Advantech iView UserServlet performDeleteUser Missing Authentication for Critical Function Information Disclosure Vulnerability
Advantech iView
Advantech iView<=5.6
CVE-2020-14507
Advantech iView MenuServlet Directory Traversal Information Disclosure Vulnerability
Advantech iView
Advantech iView<=5.6
CVE-2020-14505
Advantech iView NetworkServlet restoreDatabase Command Injection Remote Code Execution Vulnerability
Advantech iView
Advantech iView<=5.6
CVE-2020-14497
Advantech iView DeviceTreeTable getUpdateDeviceListDetails SQL Injection Information Disclosure Vulnerability
Advantech iView
Advantech iView<=5.6

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203