CVE-2025-53509

Severity CVSS v4.0:
HIGH
Type:
Unavailable / Other
Publication date:
11/07/2025
Last modified:
11/07/2025

Description

A vulnerability exists in Advantech iView that allows for argument <br /> injection in the NetworkServlet.restoreDatabase(). This issue requires <br /> an authenticated attacker with at least user-level privileges. An input <br /> parameter can be used directly in a command without proper sanitization,<br /> allowing arbitrary arguments to be injected. This can result in <br /> information disclosure, including sensitive database credentials.