Page 2 of 21 results (0.004 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information. El producto afectado es vulnerable a múltiples inyecciones SQL que requieren privilegios bajos para su explotación y pueden permitir a un atacante no autorizado divulgar información This vulnerability allows remote attackers to create arbitrary files on affected installations of Advantech iView. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the NetworkServlet endpoint, which listens on TCP port 8080 by default. When parsing the UserName element of the set_useraccount action, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 6%CPEs: 1EXPL: 0

The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code. El producto afectado es vulnerable a un salto de directorio, que puede permitir a un atacante acceder a archivos no autorizados y ejecutar código arbitrario This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the MenuServlet endpoint, which listens on TCP port 8080 by default. When parsing the page element of the getUserPrefMenuFragment action, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •

CVSS: 9.8EPSS: 19%CPEs: 1EXPL: 1

The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code. El producto afectado es vulnerable a dos instancias de inyección de comandos, que pueden permitir a un atacante ejecutar remotamente código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetworkServlet endpoint, which listens on TCP port 8080 by default. When parsing the fwfilename element of the runProViewUpgrade action, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. • http://packetstormsecurity.com/files/168108/Advantech-iView-NetworkServlet-Command-Injection.html https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

The affected product is vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information on the iView (versions prior to v5.7.03.6182). El producto afectado es vulnerable a una inyección SQL, que puede permitir a un atacante no autorizado divulgar información en el iView (versiones anteriores a v5.7.03.6182) This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetworkServlet class. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. • https://us-cert.cisa.gov/ics/advisories/icsa-21-154-01 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

The affected product’s configuration is vulnerable due to missing authentication, which may allow an attacker to change configurations and execute arbitrary code on the iView (versions prior to v5.7.03.6182). La configuración del producto afectado es vulnerable debido a una falta de autenticación, lo que puede permitir a un atacante cambiar la configuración y ejecutar código arbitrario en el iView (anterior a versión v5.7.03.6182) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the runProViewUpgrade action of NetworkServlet, which listens on TCP port 8080 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of the service acccount. • https://us-cert.cisa.gov/ics/advisories/icsa-21-154-01 • CWE-306: Missing Authentication for Critical Function •