Vulnerability Details CVE-2022-2143
The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.592
EPSS Ranking 99.0%
CVSS Severity
CVSS v3 Score 9.8
References
- http://packetstormsecurity.com/files/168108/Advantech-iView-NetworkServlet-Command-Injection.html
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03
- http://packetstormsecurity.com/files/168108/Advantech-iView-NetworkServlet-Command-Injection.html
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03
Products affected by CVE-2022-2143
-
cpe:2.3:a:advantech:iview:5.6
-
cpe:2.3:a:advantech:iview:5.7
-
cpe:2.3:a:advantech:iview:5.7.02
-
cpe:2.3:a:advantech:iview:5.7.03.6112
-
cpe:2.3:a:advantech:iview:5.7.03.6182
-
cpe:2.3:a:advantech:iview:5.7.04.6425