Lucene search
K

187 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 3:50 a.m.7 views

CVE-2024-27940

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow any authenticated user to send arbitrary SQL commands to the SQL server. An attacker could use this vulnerability to compromise the whole database...

8.8CVSS7.3AI score0.00781EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:49 a.m.5 views

CVE-2024-27939

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow the upload of arbitrary files of any unauthenticated user. An attacker could leverage this vulnerability and achieve arbitrary code execution with system privileges...

9.8CVSS7.7AI score0.00792EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:47 a.m.4 views

CVE-2024-27944

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow a privileged user to upload firmware files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code...

7.2CVSS7.4AI score0.01406EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:44 a.m.8 views

CVE-2024-27942

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow any unauthenticated client to disconnect any active user from the server. An attacker could use this vulnerability to prevent any user to perform actions in the system, causing a denial of...

7.5CVSS6.7AI score0.00687EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.10 views

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protection for the SQL query structure, allowing attackers to execute arbitrary SQL queries.

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

9CVSS5.9AI score0.00781EPSS
Exploits0References4Affected Software1
ICS
ICS
added 2024/11/12 12:0 a.m.4 views

Siemens RUGGEDCOM CROSSBOW

SUMMARY RUGGEDCOM CROSSBOW Station Access Controller SAC contains multiple vulnerabilities in the integrated SQLite component that could allow an attacker to execute arbitrary code or to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station...

9.8AI score
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2024/07/25 12:0 a.m.6 views

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of authentication for a critical function, allowing attackers to trigger a service failure.

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service interruptions...

7.8CVSS5.5AI score0.00687EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/25 12:0 a.m.7 views

The vulnerability of the Firmware Upload Handler component of the Siemens RUGGEDCOM CROSSBOW secure access control system allows a perpetrator to upload arbitrary files and execute arbitrary code.

The vulnerability of the Firmware Upload Handler component of the Siemens RUGGEDCOM CROSSBOW access control system is related to incorrect external manipulation of file names or files. Exploiting this vulnerability allows a malicious actor to upload arbitrary files and execute arbitrary code...

9CVSS5.7AI score0.01258EPSS
Exploits0References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/25 12:0 a.m.5 views

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protection for the SQL query structure, allowing attackers to execute arbitrary SQL queries against the database.

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database...

9CVSS6AI score0.00781EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/06/17 12:0 a.m.7 views

The vulnerability of the Siemens RUGGEDCOM CROSSBOW secure access control system allows a intruder to execute arbitrary code.

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the deficiencies of its authentication procedures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created malware files from a remote location...

10CVSS6AI score0.00792EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/24 12:0 a.m.7 views

The vulnerability of the Firmware Upload Handler component of the Siemens RUGGEDCOM CROSSBOW secure access control system allows a perpetrator to upload arbitrary files and execute arbitrary code.

The vulnerability of the Firmware Upload Handler component of the Siemens RUGGEDCOM CROSSBOW access control system lies in improper external manipulation of file names or files. Exploiting this vulnerability allows a remote attacker to upload arbitrary files and execute arbitrary code...

8.3CVSS5.8AI score0.01352EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/24 12:0 a.m.6 views

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system, related to the lack of protection for operational data, allows a intruder to gain unauthorized access to confidential information.

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protection for operational data. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to confidential information...

5.3CVSS5.5AI score0.00571EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/24 12:0 a.m.11 views

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system allows a intruder to re-record any files in the system.

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the validation of input data during the processing of sequence bypasses for directories. Exploiting this vulnerability allows a malicious actor to re-record any files in the system...

7.7CVSS5.5AI score0.00908EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/24 12:0 a.m.5 views

The vulnerability of the Firmware Upload Handler component of the Siemens RUGGEDCOM CROSSBOW secure access control system allows a perpetrator to upload arbitrary files and execute arbitrary code.

The vulnerability of the Firmware Upload Handler component of the Siemens RUGGEDCOM CROSSBOW access control system is related to incorrect external manipulation of file names or files. Exploiting this vulnerability allows a malicious actor to upload arbitrary files and execute arbitrary code...

8.3CVSS5.7AI score0.01406EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2024/05/16 12:0 a.m.6 views

Siemens RUGGEDCOM CROSSBOW Missing Critical Function Authentication Vulnerability

Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. A security vulnerability exists in Siemens RUGGEDCOM CROSSBOW due to an affected system allowing any unauthenticated client to disconnect any active user from the server. An attacker could exploit this...

7.5CVSS6.7AI score0.00687EPSS
Exploits0References1
CNVD
CNVD
added 2024/05/16 12:0 a.m.10 views

Siemens RUGGEDCOM CROSSBOW File Name or Path External Control Vulnerability (CNVD-2024-27529)

Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from a filename or path external control vulnerability due to an affected system allowing a privileged user to upload firmware files to the root installation director...

7.2CVSS7.5AI score0.01406EPSS
Exploits0References1
CNVD
CNVD
added 2024/05/16 12:0 a.m.4 views

Siemens RUGGEDCOM CROSSBOW SQL Injection Vulnerability

Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from a SQL injection vulnerability due to a failure of an affected client system to properly filter input data before sending it to the SQL server. An attacker could...

8.8CVSS7AI score0.00781EPSS
Exploits0References1
CNVD
CNVD
added 2024/05/16 12:0 a.m.10 views

Siemens RUGGEDCOM CROSSBOW Path Traversal Vulnerability

Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. A path traversal vulnerability exists in Siemens RUGGEDCOM CROSSBOW, which can be exploited by an attacker to overwrite arbitrary files...

6.5CVSS6.6AI score0.00908EPSS
Exploits0References1
CNVD
CNVD
added 2024/05/16 12:0 a.m.8 views

Siemens RUGGEDCOM CROSSBOW File Name or Path External Control Vulnerability (CNVD-2024-27530)

Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from a File Name or Path External Control vulnerability due to an affected system allowing a privileged user to upload generic files to the root installation director...

7.2CVSS7.4AI score0.01258EPSS
Exploits0References1
CNVD
CNVD
added 2024/05/16 12:0 a.m.9 views

Siemens RUGGEDCOM CROSSBOW File Name or Path External Control Vulnerability

Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from a filename or path external control vulnerability due to a bulk import feature on the affected system that allows a privileged user to upload files to the root...

7.2CVSS7.5AI score0.01352EPSS
Exploits0References1
Rows per page
Query Builder