CNNVD-202507-1601 Information

CNNVD ID

CNNVD-202507-1601

Related CVE

CVE-2025-52577

• CNNVD Published: 2025-07-11

Description (Chinese)

Advantech iView是中国研华（Advantech）公司的一个基于简单网络协议（SNMP）来对 B + B SmartWorx 设备进行管理的软件。 Advantech iView存在SQL注入漏洞，该漏洞源于NetworkServlet.archiveTrapRange中存在SQL注入和远程代码执行漏洞。

Description (English)

Advantech iView is a software based on a simple network protocol (SNMP) for managing B+ B SmartWorks equipment. Advantech iView has a leak in SQL, which stems from the SQL injection and remote code implementation gap in NetworkServlet.archiveTraprange.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

研华

Published

2025-07-11

Last Modified

2026-02-24

References

https://www.advantech.com/en/support/details/firmware-?id=1-HIPU-183 https://www.cisa.gov/news-events/ics-advisories/icsa-25-191-08 https://access.redhat.com/security/cve/cve-2025-52577

Patch

https://www.advantech.com/en/support/details/firmware-?id=1-HIPU-183