CNNVD-202601-1870 Information
CNNVD ID
CNNVD-202601-1870
Related CVE
- CNNVD Published: 2026-01-12
Description (Chinese)
Advantech IoTSuite SaaSComposer等都是中国台湾研华(Advantech)公司的产品。Advantech IoTSuite SaaSComposer是一个低代码可视化开发工具。Advantech IoTSuite Growth Linux docker是一个工业物联网平台的容器化部署方案。Advantech IoTSuite Starter Linux docker是一个工业物联网平台的容器化部署方案。 Advantech多款产品存在安全漏洞,该漏洞源于未经验证的远程攻击者可执行任意SQL命令,可能导致SQL注入攻击。以下产品受到影响:Advantech IoTSuite SaaSComposer、Advantech IoTSuite Growth Linux docker和Advantech IoTSuite Starter Linux docker。
Description (English)
Advantech IoTSuite SaaScomposer and others are products of the Chinese company Advantech. Advantech IoTSuite SaaScomposer is a low-code visualization development tool. Advantech IoTSuite Growth Linux docker is a containerization deployment programme for industrial networking platforms. Advantech IoTSuite Starter Linux docker is a containerization deployment programme for industrial networking platforms. There is a safety gap in Advantech ’ s multiple products, which stems from the fact that uncertified long-range assailants can enforce arbitrary SQL orders, which could lead to an injection of SQL. The following products have been affected: Advantech IoTSuite SaaScomposer, Advantech IoTSuite Growth Linux docker and Advantech IoTSuite Starter Linux docker.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
研华
Published
2026-01-12
Last Modified
2026-02-24
References
https://www.csa.gov.sg/alerts-and-advisories/alerts/alerts-al-2026-001/
Patch
https://www.advantech.com/en-us
Share on: