CVE-2022-50591
Published: 06 November 2025
Description
Adversaries may leverage databases to mine valuable information.
Security Summary
CVE-2022-50591 is a critical vulnerability in Advantech iView versions prior to v5.7.04 build 6425. It exists within the SNMP management tool, where attackers can bypass authentication checks to access a SQL injection flaw in the ‘ztp_config_id’ parameter of the ‘NetworkServlet’ endpoint. The issue, linked to CWE-89 (SQL Injection) and CWE-306 (Missing Authentication for Critical Function), carries a CVSS 3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Remote attackers can exploit this vulnerability without authentication, privileges, or user interaction. By leveraging the SNMP tool to evade checks and injecting malicious payloads into the vulnerable parameter, they achieve high-impact confidentiality, integrity, and availability effects, primarily through exfiltration of user data including cleartext passwords.
Advantech recommends upgrading to iView v5.7.04 build 6425 or later to mitigate the vulnerability, as detailed in their firmware support advisory. Additional technical analysis and exploitation details are provided in advisories from Exodus Intelligence and VulnCheck.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE enables unauthenticated remote exploitation of a public-facing web application (NetworkServlet) via the SNMP tool bypass (T1190), and SQL injection to exfiltrate database data, including cleartext passwords (T1213.006).