VYPR
High severity8.8NVD Advisory· Published Jul 11, 2025· Updated Jun 17, 2026

CVE-2025-52577

CVE-2025-52577

Description

A vulnerability exists in Advantech iView that could allow SQL injection and remote code execution through NetworkServlet.archiveTrapRange(). This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not properly sanitized, allowing an attacker to perform SQL injection and potentially execute code in the context of the 'nt authority\local service' account.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Advantech/iViewllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.