CVE-2025-52577

Name of the Vulnerable Software and Affected Versions: Advantech iView (affected versions not specified)

Description: A vulnerability exists that could allow SQL injection and remote code execution through the NetworkServlet.archiveTrapRange() function. This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not properly sanitized, allowing an attacker to perform SQL injection and potentially execute code in the context of the 'nt authoritylocal service' account.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.