CRITICAL🇬🇧 English

CVE-2021-22652

CVSS 9.8v3.1pub. 2021-02-11upd. 2024-11-21

Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Advantech Iview

    APP
    Advantech
    < 5.7.03.6112
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2022-50595CRITICAL9.3PL ✓ten sam produkt

Advantech iView — Auth Bypass + SQL Injection prowadzący do RCE

CVE-2022-50592CRITICAL9.3PL ✓ten sam produkt

Advantech iView – Auth Bypass i SQL Injection prowadzące do RCE

CVE-2022-50593CRITICAL9.3PL ✓ten sam produkt

Advantech iView – Auth Bypass + SQL Injection prowadzące do RCE

CVE-2022-2143CRITICAL9.8ten sam produkt

The affected product is vulnerable to two instances of command injection, which may allow an attacker to remot...

CVE-2021-32930CRITICAL9.8ten sam produkt

The affected product’s configuration is vulnerable due to missing authentication, which may allow an attacker ...