CVE-2025-53509 in iViewinfo

Zusammenfassung

von MITRE • 11.07.2025

A vulnerability exists in Advantech iView that allows for argument injection in the NetworkServlet.restoreDatabase(). This issue requires an authenticated attacker with at least user-level privileges. An input parameter can be used directly in a command without proper sanitization, allowing arbitrary arguments to be injected. This can result in information disclosure, including sensitive database credentials.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Zuständig

Icscert

Reservieren

02.07.2025

Veröffentlichung

11.07.2025

Moderieren

akzeptiert

Eintrag

VDB-316069

CPE

bereit

EPSS

0.00286

KEV

nein

Aktivitäten

very low

Quellen

Want to know what is going to be exploited?

We predict KEV entries!