216.73.216.75

CVE-2022-50594

· Published 06/11/2025 20:15 · Modified 24/11/2025 18:18

Labels: CVE-2022-50594 2025-11-06CVE-2022-50594CWE-89[email protected]

Essential information

Published
06/11/2025 20:15
Modified
24/11/2025 18:18
Author
Creator
CVSS
8.8 HIGH (v3) 8.8 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘data’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitation allows for the exfiltration of user data, included clear text passwords.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
advantech / iview cpe:2.3:a:advantech:iview:*:*:*:*:*:*:*:*

References