Описание
A vulnerability exists in Advantech iView that could allow for SQL injection through the CUtils.checkSQLInjection() function. This vulnerability can be exploited by an authenticated attacker with at least user-level privileges, potentially leading to information disclosure or a denial-of-service condition.
Ссылки
- Product
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
EPSS
7.6 High
CVSS3
Дефекты
Связанные уязвимости
A vulnerability exists in Advantech iView that could allow for SQL injection through the CUtils.checkSQLInjection() function. This vulnerability can be exploited by an authenticated attacker with at least user-level privileges, potentially leading to information disclosure or a denial-of-service condition.
Уязвимость функции CUtils.checkSQLInjection() системы централизованного управления сетевыми устройствами и портами Advantech iView, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
EPSS
7.6 High
CVSS3