Lucene search
Andrea Micalizzi aka rgod (@rgod777)ZDI-22-935HistoryJun 30, 2022 - 12:00 a.m.
Advantech iView NetworkServlet backupDatabase backup_filename Command Injection Remote Code Execution Vulnerability
2022-06-3000:00:00
Andrea Micalizzi aka rgod (@rgod777)
www.zerodayinitiative.com
10
0.204 Low
EPSS
Percentile
96.4%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetworkServlet endpoint, which listens on TCP port 8080 by default. When parsing the backup_filename element of the backupDatabase action, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.
Related
prion
prion
Command injection
2022-07-22 15:15:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2022-08-19 20:28:14
zdt
zdt
Advantech iView NetworkServlet Command Injection Exploit
2022-08-19 00:00:00
cvelist
cvelist
CVE-2022-2143 Advantech iView
2022-06-28 00:00:00
nvd
nvd
CVE-2022-2143
2022-07-22 15:15:08
checkpoint_advisories
checkpoint_advisories
Advantech iView Command Injection (CVE-2022-2143)
2022-10-31 00:00:00
metasploit
metasploit
Advantech iView NetworkServlet Command Injection
2022-07-19 22:25:57
cve
cve
CVE-2022-2143
2022-07-22 15:15:08
nessus
nessus
zdi
zdi
cnvd
cnvd
Advantech iView Command Injection Vulnerability (CNVD-2023-16477)
2022-06-30 00:00:00
packetstorm
packetstorm
Advantech iView NetworkServlet Command Injection
2022-08-18 00:00:00
ics
ics
Advantech iView
2022-06-28 12:00:00