CVE-2025-52459
A vulnerability exists in Advantech iView that allows for argument
injection in NetworkServlet.backupDatabase(). This issue requires an
authenticated attacker with at least user-level privileges. Certain
parameters can be used directly in a command without proper
sanitization, allowing arbitrary arguments to be injected. This can
result in information disclosure, including sensitive database
credentials.
injection in NetworkServlet.backupDatabase(). This issue requires an
authenticated attacker with at least user-level privileges. Certain
parameters can be used directly in a command without proper
sanitization, allowing arbitrary arguments to be injected. This can
result in information disclosure, including sensitive database
credentials.
Vendor
-
Product
-
CWE
Yayın Tarihi
2025-07-11 00:15:26
Güncelleme
2025-07-15 13:14:49
Source Identifier
ics-cert@hq.dhs.gov
KEV Date Added
-