Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2020-16245

AI Predicted 9.8 Difficulty: Easy EPSS 7.72% · P94
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-16245

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Advantech iView, Versions 5.7 and prior. The affected product is vulnerable to path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availability, and remotely execute code.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Advantech iView 路径遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Advantech Iview是中国Advantech公司的一个基于简单网络协议(SNMP)来对 B + B SmartWorx 设备进行管理的软件。 Advantech iView 5.7以及之前八本存在路径遍历漏洞,该漏洞源于Advantech iView 未能正确地过滤资源或文件路径中的特殊元素。攻击者可利用该漏洞访问受限目录之外的位置。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Advantech iView Versions 5.7 and prior -

II. Public POCs for CVE-2020-16245

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-16245

登录查看更多情报信息。

Vendor Advisories for CVE-2020-16245 (9)

Same Patch Batch · n/a · 2020-08-25 · 13 CVEs total

CVE-2019-14904Ansible solaris_zone模块操作系统命令注入漏洞
CVE-2020-19005zrlog 安全漏洞
CVE-2020-15777Gradle 代码问题漏洞
CVE-2020-16197Octopus Deploy 信任管理问题漏洞
CVE-2020-24622Sonatype Nexus Repository 信息泄露漏洞
CVE-2020-24616FasterXML jackson-databind 代码问题漏洞
CVE-2020-14042Codiad 跨站脚本漏洞
CVE-2020-24609Savsoft Quiz 5 跨站脚本漏洞
CVE-2020-24242Netwide Assembler 安全漏洞
CVE-2020-24241Netwide Assembler 资源管理错误漏洞
CVE-2020-24240GNU Bison 资源管理错误漏洞
CVE-2020-24614Fossil 代码注入漏洞

IV. Related Vulnerabilities

V. Comments for CVE-2020-16245

No comments yet


Leave a comment