CNNVD-202507-1602 Information

CNNVD ID

CNNVD-202507-1602

Related CVE

CVE-2025-52459

• CNNVD Published: 2025-07-11

Description (Chinese)

Advantech iView是中国研华（Advantech）公司的一个基于简单网络协议（SNMP）来对 B + B SmartWorx 设备进行管理的软件。 Advantech iView存在参数注入漏洞，该漏洞源于NetworkServlet.backupDatabase中存在参数注入，可能导致信息泄露。

Description (English)

Advantech iView is a software based on a simple network protocol (SNMP) for managing B+ B SmartWorks equipment. There is a gap in the parameters of Advantech iView, which stems from the presence of parameters in NetworkServlet.backupDatabase, which may lead to the disclosure of information.

Hazard Level

High

Vulnerability Type

参数注入

Affected Vendor

研华

Published

2025-07-11

Last Modified

2026-02-24

References

https://www.advantech.com/en/support/details/firmware-?id=1-HIPU-183 https://www.cisa.gov/news-events/ics-advisories/icsa-25-191-08 https://access.redhat.com/security/cve/cve-2025-52459

Patch

https://www.advantech.com/en/support/details/firmware-?id=1-HIPU-183