CVE-2025-53515

Name of the Vulnerable Software and Affected Versions: Advantech iView (affected versions not specified)

Description: A vulnerability exists in Advantech iView that allows for SQL injection and remote code execution. The issue is located in the NetworkServlet.archiveTrap() function and requires an authenticated attacker with user-level privileges. Insufficient input sanitization allows an attacker to perform SQL injection and potentially execute code in the context of the ‘nt authoritylocal service’ account.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.