Advantech Iview Iview vulnerabilities
7 known vulnerabilities affecting advantech_iview/iview.
Total CVEs
7
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2022-2143P1CRITICALCVSS 9.8PoC≥ All, < 5_7_04_64692022-07-22
CVE-2022-2143 [CRITICAL] CWE-77 CVE-2022-2143: The affected product is vulnerable to two instances of command injection, which may allow an attacke
The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code.
nvd
CVE-2022-2139P2CRITICALCVSS 9.8≥ All, < 5_7_04_64692022-07-22
CVE-2022-2139 [CRITICAL] CWE-23 CVE-2022-2139: The affected product is vulnerable to directory traversal, which may allow an attacker to access una
The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code.
nvd
CVE-2022-2138P3HIGHCVSS 7.5≥ All, < 5_7_04_64692022-07-22
CVE-2022-2138 [HIGH] CWE-306 CVE-2022-2138: The affected product is vulnerable due to missing authentication, which may allow an attacker to rea
The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition.
nvd
CVE-2022-2135P3HIGHCVSS 7.5≥ All, < 5_7_04_64692022-07-22
CVE-2022-2135 [HIGH] CWE-89 CVE-2022-2135: The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attac
The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information.
nvd
CVE-2022-2136P3MEDIUMCVSS 6.5≥ All, < 5_7_04_64692022-07-22
CVE-2022-2136 [MEDIUM] CWE-89 CVE-2022-2136: The affected product is vulnerable to multiple SQL injections that require low privileges for exploi
The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information.
nvd
CVE-2022-2142P4MEDIUMCVSS 5.9≥ All, < 5_7_04_64692022-07-22
CVE-2022-2142 [MEDIUM] CWE-89 CVE-2022-2142: The affected product is vulnerable to a SQL injection with high attack complexity, which may allow a
The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information.
nvd
CVE-2022-2137P4MEDIUMCVSS 4.9≥ All, < 5_7_04_64692022-07-22
CVE-2022-2137 [MEDIUM] CWE-89 CVE-2022-2137: The affected product is vulnerable to two SQL injections that require high privileges for exploitati
The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information
nvd