CNNVD-202511-514 Information
CNNVD ID
CNNVD-202511-514
Related CVE
- CNNVD Published: 2025-11-06
Description (Chinese)
Advantech iView是中国研华(Advantech)公司的一个基于简单网络协议(SNMP)来对 B + B SmartWorx 设备进行管理的软件。 Advantech iView v5.7.04 build 6425之前版本存在安全漏洞,该漏洞源于SNMP管理工具中存在身份验证绕过,可能导致SQL注入攻击和数据泄露。
Description (English)
Advantech iView is a software based on a simple network protocol (SNMP) for managing B+ B SmartWorks equipment. The previous version of Advantech iView v5.7.04 built 6425 had a security loophole, which stemmed from the presence of identification bypasses in the SNMP management tool, which could result in SQL being injected into attacks and data leaks.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
研华
Published
2025-11-06
Last Modified
2026-02-24
References
https://blog.exodusintel.com/2022/03/01/advantech-iview-ztp_config_id-parameter-sql-injection-information-disclosure-vulnerability/ https://www.advantech.tw/support/details/firmware?id=1-HIPU-183 https://www.vulncheck.com/advisories/advantech-iview-ztpconfigid-parameter-sqli-information-disclosure
Patch
https://www.advantech.com/zh-tw/support/details/firmware?id=1-HIPU-183
Share on: