ID

VAR-202206-2050


CVE

CVE-2022-2135


TITLE

Advantech iView setTaskEditorItem DESCRIPTION SQL Injection Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-22-919

DESCRIPTION

The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information. This vulnerability allows remote attackers to bypass authentication on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability.The specific flaw exists within the NetworkServlet endpoint, which listens on TCP port 8080 by default. When parsing the restore_filename element of the restoreDatabase action, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to bypass authentication on the system. Advantech iView

Trust: 11.79

sources: NVD: CVE-2022-2135 // ZDI: ZDI-22-905 // ZDI: ZDI-22-881 // ZDI: ZDI-22-885 // ZDI: ZDI-22-890 // ZDI: ZDI-22-891 // ZDI: ZDI-22-895 // ZDI: ZDI-22-900 // ZDI: ZDI-22-918 // ZDI: ZDI-22-919 // ZDI: ZDI-22-910 // ZDI: ZDI-22-911 // ZDI: ZDI-22-913 // ZDI: ZDI-22-914 // ZDI: ZDI-22-915 // ZDI: ZDI-22-916 // ZDI: ZDI-22-917 // ZDI: ZDI-22-901 // VULHUB: VHN-426269 // VULMON: CVE-2022-2135

AFFECTED PRODUCTS

vendor:advantechmodel:iviewscope: - version: -

Trust: 11.9

vendor:advantechmodel:iviewscope:ltversion:5.7.04.6469

Trust: 1.0

sources: ZDI: ZDI-22-919 // ZDI: ZDI-22-918 // ZDI: ZDI-22-917 // ZDI: ZDI-22-916 // ZDI: ZDI-22-915 // ZDI: ZDI-22-914 // ZDI: ZDI-22-913 // ZDI: ZDI-22-911 // ZDI: ZDI-22-910 // ZDI: ZDI-22-905 // ZDI: ZDI-22-901 // ZDI: ZDI-22-900 // ZDI: ZDI-22-895 // ZDI: ZDI-22-891 // ZDI: ZDI-22-890 // ZDI: ZDI-22-885 // ZDI: ZDI-22-881 // NVD: CVE-2022-2135

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2022-2135
value: HIGH

Trust: 9.1

ZDI: CVE-2022-2135
value: CRITICAL

Trust: 2.8

nvd@nist.gov: CVE-2022-2135
value: HIGH

Trust: 1.0

ics-cert@hq.dhs.gov: CVE-2022-2135
value: HIGH

Trust: 1.0

ZDI: CVE-2022-2135
baseSeverity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 9.1

ZDI: CVE-2022-2135
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 2.8

nvd@nist.gov: CVE-2022-2135
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

sources: ZDI: ZDI-22-919 // ZDI: ZDI-22-918 // ZDI: ZDI-22-917 // ZDI: ZDI-22-916 // ZDI: ZDI-22-915 // ZDI: ZDI-22-914 // ZDI: ZDI-22-913 // ZDI: ZDI-22-911 // ZDI: ZDI-22-910 // ZDI: ZDI-22-905 // ZDI: ZDI-22-901 // ZDI: ZDI-22-900 // ZDI: ZDI-22-895 // ZDI: ZDI-22-891 // ZDI: ZDI-22-890 // ZDI: ZDI-22-885 // ZDI: ZDI-22-881 // NVD: CVE-2022-2135 // NVD: CVE-2022-2135

PROBLEMTYPE DATA

problemtype:CWE-89

Trust: 1.1

sources: VULHUB: VHN-426269 // NVD: CVE-2022-2135

PATCH

title:Advantech has issued an update to correct this vulnerability.url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03

Trust: 11.9

sources: ZDI: ZDI-22-919 // ZDI: ZDI-22-918 // ZDI: ZDI-22-917 // ZDI: ZDI-22-916 // ZDI: ZDI-22-915 // ZDI: ZDI-22-914 // ZDI: ZDI-22-913 // ZDI: ZDI-22-911 // ZDI: ZDI-22-910 // ZDI: ZDI-22-905 // ZDI: ZDI-22-901 // ZDI: ZDI-22-900 // ZDI: ZDI-22-895 // ZDI: ZDI-22-891 // ZDI: ZDI-22-890 // ZDI: ZDI-22-885 // ZDI: ZDI-22-881

EXTERNAL IDS

db:NVDid:CVE-2022-2135

Trust: 13.1

db:ICS CERTid:ICSA-22-179-03

Trust: 1.2

db:ZDI_CANid:ZDI-CAN-16750

Trust: 0.7

db:ZDIid:ZDI-22-919

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16529

Trust: 0.7

db:ZDIid:ZDI-22-918

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16535

Trust: 0.7

db:ZDIid:ZDI-22-917

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16561

Trust: 0.7

db:ZDIid:ZDI-22-916

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16585

Trust: 0.7

db:ZDIid:ZDI-22-915

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16562

Trust: 0.7

db:ZDIid:ZDI-22-914

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16591

Trust: 0.7

db:ZDIid:ZDI-22-913

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16531

Trust: 0.7

db:ZDIid:ZDI-22-911

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16659

Trust: 0.7

db:ZDIid:ZDI-22-910

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16583

Trust: 0.7

db:ZDIid:ZDI-22-905

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16530

Trust: 0.7

db:ZDIid:ZDI-22-901

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16548

Trust: 0.7

db:ZDIid:ZDI-22-900

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16544

Trust: 0.7

db:ZDIid:ZDI-22-895

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16564

Trust: 0.7

db:ZDIid:ZDI-22-891

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16656

Trust: 0.7

db:ZDIid:ZDI-22-890

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16584

Trust: 0.7

db:ZDIid:ZDI-22-885

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16552

Trust: 0.7

db:ZDIid:ZDI-22-881

Trust: 0.7

db:VULHUBid:VHN-426269

Trust: 0.1

db:VULMONid:CVE-2022-2135

Trust: 0.1

sources: ZDI: ZDI-22-919 // ZDI: ZDI-22-918 // ZDI: ZDI-22-917 // ZDI: ZDI-22-916 // ZDI: ZDI-22-915 // ZDI: ZDI-22-914 // ZDI: ZDI-22-913 // ZDI: ZDI-22-911 // ZDI: ZDI-22-910 // ZDI: ZDI-22-905 // ZDI: ZDI-22-901 // ZDI: ZDI-22-900 // ZDI: ZDI-22-895 // ZDI: ZDI-22-891 // ZDI: ZDI-22-890 // ZDI: ZDI-22-885 // ZDI: ZDI-22-881 // VULHUB: VHN-426269 // VULMON: CVE-2022-2135 // NVD: CVE-2022-2135

REFERENCES

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03

Trust: 13.1

sources: ZDI: ZDI-22-919 // ZDI: ZDI-22-918 // ZDI: ZDI-22-917 // ZDI: ZDI-22-916 // ZDI: ZDI-22-915 // ZDI: ZDI-22-914 // ZDI: ZDI-22-913 // ZDI: ZDI-22-911 // ZDI: ZDI-22-910 // ZDI: ZDI-22-905 // ZDI: ZDI-22-901 // ZDI: ZDI-22-900 // ZDI: ZDI-22-895 // ZDI: ZDI-22-891 // ZDI: ZDI-22-890 // ZDI: ZDI-22-885 // ZDI: ZDI-22-881 // VULHUB: VHN-426269 // VULMON: CVE-2022-2135 // NVD: CVE-2022-2135

CREDITS

@rgod777

Trust: 7.0

sources: ZDI: ZDI-22-919 // ZDI: ZDI-22-916 // ZDI: ZDI-22-915 // ZDI: ZDI-22-914 // ZDI: ZDI-22-913 // ZDI: ZDI-22-910 // ZDI: ZDI-22-905 // ZDI: ZDI-22-891 // ZDI: ZDI-22-890 // ZDI: ZDI-22-885

SOURCES

db:ZDIid:ZDI-22-919
db:ZDIid:ZDI-22-918
db:ZDIid:ZDI-22-917
db:ZDIid:ZDI-22-916
db:ZDIid:ZDI-22-915
db:ZDIid:ZDI-22-914
db:ZDIid:ZDI-22-913
db:ZDIid:ZDI-22-911
db:ZDIid:ZDI-22-910
db:ZDIid:ZDI-22-905
db:ZDIid:ZDI-22-901
db:ZDIid:ZDI-22-900
db:ZDIid:ZDI-22-895
db:ZDIid:ZDI-22-891
db:ZDIid:ZDI-22-890
db:ZDIid:ZDI-22-885
db:ZDIid:ZDI-22-881
db:VULHUBid:VHN-426269
db:VULMONid:CVE-2022-2135
db:NVDid:CVE-2022-2135

LAST UPDATE DATE

2024-11-14T22:49:01.030000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-919date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-918date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-917date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-916date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-915date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-914date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-913date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-911date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-910date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-905date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-901date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-900date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-895date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-891date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-890date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-885date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-881date:2022-06-30T00:00:00
db:VULHUBid:VHN-426269date:2022-07-28T00:00:00
db:NVDid:CVE-2022-2135date:2022-07-28T20:10:10.260

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-919date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-918date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-917date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-916date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-915date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-914date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-913date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-911date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-910date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-905date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-901date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-900date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-895date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-891date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-890date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-885date:2022-06-30T00:00:00
db:ZDIid:ZDI-22-881date:2022-06-30T00:00:00
db:VULHUBid:VHN-426269date:2022-07-22T00:00:00
db:NVDid:CVE-2022-2135date:2022-07-22T15:15:08.117