Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAdvantech Iview
APPAdvantech< 5.7.03.6112
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
Related vulnerabilities
CVE-2022-50595CRITICAL9.3PL ✓ten sam produkt
Advantech iView — Auth Bypass + SQL Injection prowadzący do RCE
CVE-2022-50592CRITICAL9.3PL ✓ten sam produkt
Advantech iView – Auth Bypass i SQL Injection prowadzące do RCE
CVE-2022-50593CRITICAL9.3PL ✓ten sam produkt
Advantech iView – Auth Bypass + SQL Injection prowadzące do RCE
CVE-2022-2143CRITICAL9.8ten sam produkt
The affected product is vulnerable to two instances of command injection, which may allow an attacker to remot...
CVE-2021-32930CRITICAL9.8ten sam produkt
The affected product’s configuration is vulnerable due to missing authentication, which may allow an attacker ...