Unauthenticated Configuration Change and Code Execution in Advantech iView Versions Prior to v5.7.03.6112

Unauthenticated Configuration Change and Code Execution in Advantech iView Versions Prior to v5.7.03.6112

CVE-2021-22652 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution.

Learn more about our Web Application Penetration Testing UK.