CNNVD-202507-1555 Information
CNNVD ID
CNNVD-202507-1555
Related CVE
- CNNVD Published: 2025-07-10
Description (Chinese)
Advantech iView是中国研华(Advantech)公司的一个基于简单网络协议(SNMP)来对 B + B SmartWorx 设备进行管理的软件。 Advantech iView 5.7.05 build 7057之前版本存在跨站脚本漏洞,该漏洞源于容易受到反射型跨站脚本攻击,可能导致信息泄露或其他恶意活动。
Description (English)
Advantech iView is a software based on a simple network protocol (SNMP) for managing B+ B SmartWorks equipment. The pre-Advantech iView 5.7.05 build 7057 has a cross-site script loophole, which stems from the vulnerability of the reflector-type cross-station script attack, which may lead to the disclosure of information or other malicious activity.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
研华
Published
2025-07-10
Last Modified
2026-02-24
References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-191-08 https://www.advantech.com/en/support/details/firmware-?id=1-HIPU-183 https://access.redhat.com/security/cve/cve-2025-53397 https://nvd.nist.gov/vuln/detail/CVE-2025-53397
Patch
https://www.advantech.com/en/support/details/firmware-?id=1-HIPU-183
Share on: