Vulnerability Details CVE-2022-2143
The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.583
EPSS Ranking 98.1%
CVSS Severity
CVSS v3 Score 9.8
References
- http://packetstormsecurity.com/files/168108/Advantech-iView-NetworkServlet-Command-Injection.html
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03
- http://packetstormsecurity.com/files/168108/Advantech-iView-NetworkServlet-Command-Injection.html
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03
Products affected by CVE-2022-2143
-
cpe:2.3:a:advantech:iview:5.6
-
cpe:2.3:a:advantech:iview:5.7
-
cpe:2.3:a:advantech:iview:5.7.02
-
cpe:2.3:a:advantech:iview:5.7.03.6112
-
cpe:2.3:a:advantech:iview:5.7.03.6182
-
cpe:2.3:a:advantech:iview:5.7.04.6425