216.73.216.67

CVE-2022-50593

· Published 06/11/2025 20:15 · Modified 08/12/2025 16:12

Labels: CVE-2022-50593 2025-11-06CVE-2022-50593CWE-89[email protected]

Essential information

Published
06/11/2025 20:15
Modified
08/12/2025 16:12
Author
Creator
CVSS
9.3 CRITICAL (v3) 9.3 CRITICAL (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘search_term’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitation allows for remote code execution with administrator privileges.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
advantech / iview cpe:2.3:a:advantech:iview:*:*:*:*:*:*:*:*

References