Unrated severityNVD Advisory· Published Nov 6, 2025· Updated Nov 15, 2025

Advantech iView < v5.7.04 Build 6425 search_term Parameter SQL Injection RCE

CVE-2022-50593

Description

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘search_term’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitation allows for remote code execution with administrator privileges.

Affected products

Advantech/iViewllm-fuzzy
Range: <5.7.04 build 6425
Advantech/iViewv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.advantech.tw/support/details/firmwaremitrerelease-notespatch
www.vulncheck.com/advisories/advantech-iview-searchterm-parameter-sqli-rcemitrethird-party-advisory
blog.exodusintel.com/2022/03/01/advantech-iview-search_term-parameter-sql-injection-remote-code-execution-vulnerability/mitretechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000