EUVD-2023-40356

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in RUGGEDCOM devices allows XSS attacks via unsanitized web interface responses

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2023-36390	11 Jul 202314:29	–	circl
CNNVD	Siemens RUGGEDCOM ROX 系列多款产品跨站脚本漏洞	11 Jul 202300:00	–	cnnvd
CNVD	Siemens RUGGEDCOM ROX cross-site scripting vulnerability (CNVD-2023-55709)	12 Jul 202300:00	–	cnvd
CVE	CVE-2023-36390	11 Jul 202309:07	–	cve
Cvelist	CVE-2023-36390	11 Jul 202309:07	–	cvelist
NCSC	Vulnerabilities fixed in Siemens products	11 Jul 202300:00	–	ncsc
NVD	CVE-2023-36390	11 Jul 202310:15	–	nvd
Prion	Cross site scripting	11 Jul 202310:15	–	prion
Positive Technologies	PT-2023-4064 · Siemens · Ruggedcom Rox Rx1400 +8	21 Jun 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-36390	23 May 202505:03	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "7bfae089-b7ea-3fe0-9009-e309ca5170fa",
        "vendor": {
          "name": "Siemens"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "164201da-a1e6-3da9-95ce-cf2513287330",
        "product": {
          "name": "RUGGEDCOM ROX RX1512"
        },
        "product_version": "All versions < V2.16.0"
      },
      {
        "id": "68468867-8855-3c02-bf62-069953d6c980",
        "product": {
          "name": "RUGGEDCOM ROX RX1501"
        },
        "product_version": "All versions < V2.16.0"
      },
      {
        "id": "88937933-24fa-3ed1-89b6-f5438cce523e",
        "product": {
          "name": "RUGGEDCOM ROX RX1524"
        },
        "product_version": "All versions < V2.16.0"
      },
      {
        "id": "8b8e7aef-6fff-31cf-98d7-e595eb122272",
        "product": {
          "name": "RUGGEDCOM ROX MX5000RE"
        },
        "product_version": "All versions < V2.16.0"
      },
      {
        "id": "9137e26b-7d34-3700-bb97-7f36a1fd5c38",
        "product": {
          "name": "RUGGEDCOM ROX RX1536"
        },
        "product_version": "All versions < V2.16.0"
      },
      {
        "id": "98405c66-fde3-3dee-af8d-f74dd896d791",
        "product": {
          "name": "RUGGEDCOM ROX RX1500"
        },
        "product_version": "All versions < V2.16.0"
      },
      {
        "id": "bf21d92a-7e57-3ee2-8c38-9709a18ee6a1",
        "product": {
          "name": "RUGGEDCOM ROX RX1511"
        },
        "product_version": "All versions < V2.16.0"
      },
      {
        "id": "c61bf856-c8a6-3e7b-a70b-66d563e68bb5",
        "product": {
          "name": "RUGGEDCOM ROX RX1400"
        },
        "product_version": "All versions < V2.16.0"
      },
      {
        "id": "d75e73a6-0ea6-3b56-baa8-34ca4b270946",
        "product": {
          "name": "RUGGEDCOM ROX RX1510"
        },
        "product_version": "All versions < V2.16.0"
      },
      {
        "id": "df68c8ab-62ca-31b6-ad54-e26168112dce",
        "product": {
          "name": "RUGGEDCOM ROX MX5000"
        },
        "product_version": "All versions < V2.16.0"
      },
      {
        "id": "f132b5ed-521d-3852-bce6-b408cf663699",
        "product": {
          "name": "RUGGEDCOM ROX RX5000"
        },
        "product_version": "All versions < V2.16.0"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf

03 Oct 2025 20:07Current

7.4High risk

Vulners AI Score7.4

CVSS 3.15.4 - 8.8

EPSS0.00772

SSVC