漏洞描述
Advantech iView 存在一个命令注入漏洞。此漏洞是由于应用程序在更新 NetworkServlet 数据库时对 backup_filename 参数的输入验证不当造成的。
Advantech iView NetworkServlet 命令注入漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2021-21799: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting
- POC CVE-2021-21800: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting
- POC CVE-2021-21801: Advantech R-SeeNet - Cross-Site Scripting
- POC CVE-2021-21802: Advantech R-SeeNet - Cross-Site Scripting
- POC CVE-2021-21803: Advantech R-SeeNet - Cross-Site Scripting
- POC CVE-2021-21805: Advantech R-SeeNet 2.4.12 - OS Command Injection
- POC rseenet-default-password: Advantech R-SeeNet Default Login
- POC rseenet-default-login: Advantech R-SeeNet Default Login
- Advantech iView CVE-2022-2136 SQL 注入漏洞
- Advantech iView CVE-2022-2138 拒绝服务漏洞
- Advantech iView ConfigurationServlet SQL注入漏洞
- Advantech iView CVE-2022-2139 目录遍历漏洞
- Advantech iView CVE-2022-2136 SQL 注入漏洞