Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-53475

A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage(). This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowing an attacker to perform SQL injection and potentially execute code in the context of the 'nt authority\local service' account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.1%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2025-53475
  • Advantech » Iview » Version: 5.6
    cpe:2.3:a:advantech:iview:5.6
  • Advantech » Iview » Version: 5.7
    cpe:2.3:a:advantech:iview:5.7
  • Advantech » Iview » Version: 5.7.02
    cpe:2.3:a:advantech:iview:5.7.02
  • Advantech » Iview » Version: 5.7.03.6112
    cpe:2.3:a:advantech:iview:5.7.03.6112
  • Advantech » Iview » Version: 5.7.03.6182
    cpe:2.3:a:advantech:iview:5.7.03.6182
  • Advantech » Iview » Version: 5.7.04.6469
    cpe:2.3:a:advantech:iview:5.7.04.6469
  • Advantech » Iview » Version: 5.7.04.6583
    cpe:2.3:a:advantech:iview:5.7.04.6583
  • Advantech » Iview » Version: 5.7.04.6752
    cpe:2.3:a:advantech:iview:5.7.04.6752


Products
Pricing
Contact Us

Shodan ® - All rights reserved