CVE-2025-53515 in iViewinformazioni

Riassunto

di MITRE • 11/07/2025

A vulnerability exists in Advantech iView that allows for SQL injection and remote code execution through NetworkServlet.archiveTrap(). This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not sanitized, allowing an attacker to perform SQL injection and potentially execute code in the context of the 'nt authority\local service' account.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsabile

Icscert

Prenotare

02/07/2025

Divulgazione

11/07/2025

Moderazione

accettato

CPE

pronto

EPSS

0.00500

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!