Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
advantech iview vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-3983
An authenticated SQL injection vulnerability exists in Advantech iView versions prior to v5.7.4 build 6752. An authenticated remote attacker can bypass checks in com.imc.iview.utils.CUtils.checkSQLInjection() to perform blind SQL injection.
Advantech Iview
7.5
CVSSv2
CVE-2021-22652
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized malicious user to change the configuration and obtain code execution.
Advantech Iview
5
CVSSv2
CVE-2021-22654
Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an unauthorized malicious user to disclose information.
Advantech Iview
7.5
CVSSv2
CVE-2021-22658
Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an malicious user to escalate privileges to 'Administrator'.
Advantech Iview
7.5
CVSSv2
CVE-2021-32930
The affected product’s configuration is vulnerable due to missing authentication, which may allow an malicious user to change configurations and execute arbitrary code on the iView (versions prior to v5.7.03.6182).
Advantech Iview
NA
CVE-2022-2137
The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized malicious user to disclose information
Advantech Iview
NA
CVE-2022-2139
The affected product is vulnerable to directory traversal, which may allow an malicious user to access unauthorized files and execute arbitrary code.
Advantech Iview
5
CVSSv2
CVE-2021-32932
The affected product is vulnerable to a SQL injection, which may allow an unauthorized malicious user to disclose information on the iView (versions prior to v5.7.03.6182).
Advantech Iview
NA
CVE-2022-2138
The affected product is vulnerable due to missing authentication, which may allow an malicious user to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition.
Advantech Iview
NA
CVE-2022-2142
The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized malicious user to disclose information.
Advantech Iview
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »