The affected product’s configuration is vulnerable due to missing authentication, which may allow an attacker to change configurations and execute arbitrary code on the iView (versions prior to v5.7.03.6182).
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAdvantech Iview
APPAdvantech< 5.7.03.6182
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
Related vulnerabilities
CVE-2022-50595CRITICAL9.3PL ✓ten sam produkt
Advantech iView — Auth Bypass + SQL Injection prowadzący do RCE
CVE-2022-50593CRITICAL9.3PL ✓ten sam produkt
Advantech iView – Auth Bypass + SQL Injection prowadzące do RCE
CVE-2022-50592CRITICAL9.3PL ✓ten sam produkt
Advantech iView – Auth Bypass i SQL Injection prowadzące do RCE
CVE-2022-2143CRITICAL9.8ten sam produkt
The affected product is vulnerable to two instances of command injection, which may allow an attacker to remot...
CVE-2021-22652CRITICAL9.8ten sam produkt
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which m...