VYPR
Unrated severityNVD Advisory· Published Nov 6, 2025· Updated Nov 15, 2025

Advantech iView < v5.7.04 Build 6425 getInventoryReportData Parameter SQL Injection RCE

CVE-2022-50592

Description

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘getInventoryReportData’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitation allows for remote code execution with administrator privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Advantech/iViewllm-fuzzy2 versions
    <5.7.04 build 6425+ 1 more
    • (no CPE)range: <5.7.04 build 6425
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.