High severity8.8NVD Advisory· Published Jul 11, 2025· Updated Jun 17, 2026
CVE-2025-52577
CVE-2025-52577
Description
A vulnerability exists in Advantech iView that could allow SQL injection and remote code execution through NetworkServlet.archiveTrapRange(). This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not properly sanitized, allowing an attacker to perform SQL injection and potentially execute code in the context of the 'nt authority\local service' account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- www.cisa.gov/news-events/ics-advisories/icsa-25-191-08nvdThird Party AdvisoryUS Government Resource
- www.advantech.com/en/support/details/firmware-nvdProduct
News mentions
0No linked articles in our index yet.