cbcvebase.

Advantech Iview Iview vulnerabilities

7 known vulnerabilities affecting advantech_iview/iview.

Total CVEs
7
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2022-2143P1CRITICALCVSS 9.8PoC≥ All, < 5_7_04_64692022-07-22
CVE-2022-2143 [CRITICAL] CWE-77 CVE-2022-2143: The affected product is vulnerable to two instances of command injection, which may allow an attacke The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2022-2139P2CRITICALCVSS 9.8≥ All, < 5_7_04_64692022-07-22
CVE-2022-2139 [CRITICAL] CWE-23 CVE-2022-2139: The affected product is vulnerable to directory traversal, which may allow an attacker to access una The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code.
nvd
CVE-2022-2138P3HIGHCVSS 7.5≥ All, < 5_7_04_64692022-07-22
CVE-2022-2138 [HIGH] CWE-306 CVE-2022-2138: The affected product is vulnerable due to missing authentication, which may allow an attacker to rea The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition.
nvd
CVE-2022-2135P3HIGHCVSS 7.5≥ All, < 5_7_04_64692022-07-22
CVE-2022-2135 [HIGH] CWE-89 CVE-2022-2135: The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attac The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information.
nvd
CVE-2022-2136P3MEDIUMCVSS 6.5≥ All, < 5_7_04_64692022-07-22
CVE-2022-2136 [MEDIUM] CWE-89 CVE-2022-2136: The affected product is vulnerable to multiple SQL injections that require low privileges for exploi The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information.
nvd
CVE-2022-2142P4MEDIUMCVSS 5.9≥ All, < 5_7_04_64692022-07-22
CVE-2022-2142 [MEDIUM] CWE-89 CVE-2022-2142: The affected product is vulnerable to a SQL injection with high attack complexity, which may allow a The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information.
nvd
CVE-2022-2137P4MEDIUMCVSS 4.9≥ All, < 5_7_04_64692022-07-22
CVE-2022-2137 [MEDIUM] CWE-89 CVE-2022-2137: The affected product is vulnerable to two SQL injections that require high privileges for exploitati The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information
nvd
Advantech Iview Iview vulnerabilities | cvebase