23 results (0.008 seconds)

CVSS: 7.5EPSS: %CPEs: 1EXPL: 0

Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ConfigurationServlet servlet, which listens on TCP port 8080 by default. When parsing the column_value element, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. • https://www.advantech.com/zh-tw/support/details/firmware?id=1-HIPU-183 https://www.zerodayinitiative.com/advisories/ZDI-24-610 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

An authenticated SQL injection vulnerability exists in Advantech iView versions prior to v5.7.4 build 6752. An authenticated remote attacker can bypass checks in com.imc.iview.utils.CUtils.checkSQLInjection() to perform blind SQL injection. • https://www.tenable.com/security/research/tra-2023-24 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

An SQL injection vulnerability in Advantech iView 5.7.04.6469. The specific flaw exists within the ConfigurationServlet endpoint, which listens on TCP port 8080 by default. An unauthenticated remote attacker can craft a special column_value parameter in the setConfiguration action to bypass checks in com.imc.iview.utils.CUtils.checkSQLInjection() to perform SQL injection. For example, the attacker can exploit the vulnerability to retrieve the iView admin password. Una vulnerabilidad de inyección SQL en Advantech iView versión 5.7.04.6469. • https://www.tenable.com/security/research/tra-2022-32 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information El producto afectado es vulnerable a dos inyecciones SQL que requieren altos privilegios para su explotación y pueden permitir a un atacante no autorizado divulgar información This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the NetworkServlet endpoint, which listens on TCP port 8080 by default. When parsing the device_get_community and device_set_community elements of the addDeviceTreeItem action, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0

The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition. El producto afectado es vulnerable debido a la falta de autenticación, lo que puede permitir a un atacante leer o modificar datos confidenciales y ejecutar código arbitrario, resultando en una condición de denegación de servicio This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetworkServlet endpoint, which listens on TCP port 8080 by default. The issue results from the lack of authentication prior to allowing access to the removeDevices functionality. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03 • CWE-306: Missing Authentication for Critical Function •