187 matches found
CVE-2024-27940
A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow any authenticated user to send arbitrary SQL commands to the SQL server. An attacker could use this vulnerability to compromise the whole database...
CVE-2024-27939
A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow the upload of arbitrary files of any unauthenticated user. An attacker could leverage this vulnerability and achieve arbitrary code execution with system privileges...
CVE-2024-27944
A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow a privileged user to upload firmware files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code...
CVE-2024-27942
A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow any unauthenticated client to disconnect any active user from the server. An attacker could use this vulnerability to prevent any user to perform actions in the system, causing a denial of...
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protection for the SQL query structure, allowing attackers to execute arbitrary SQL queries.
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
Siemens RUGGEDCOM CROSSBOW
SUMMARY RUGGEDCOM CROSSBOW Station Access Controller SAC contains multiple vulnerabilities in the integrated SQLite component that could allow an attacker to execute arbitrary code or to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station...
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of authentication for a critical function, allowing attackers to trigger a service failure.
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service interruptions...
The vulnerability of the Firmware Upload Handler component of the Siemens RUGGEDCOM CROSSBOW secure access control system allows a perpetrator to upload arbitrary files and execute arbitrary code.
The vulnerability of the Firmware Upload Handler component of the Siemens RUGGEDCOM CROSSBOW access control system is related to incorrect external manipulation of file names or files. Exploiting this vulnerability allows a malicious actor to upload arbitrary files and execute arbitrary code...
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protection for the SQL query structure, allowing attackers to execute arbitrary SQL queries against the database.
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database...
The vulnerability of the Siemens RUGGEDCOM CROSSBOW secure access control system allows a intruder to execute arbitrary code.
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the deficiencies of its authentication procedures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created malware files from a remote location...
The vulnerability of the Firmware Upload Handler component of the Siemens RUGGEDCOM CROSSBOW secure access control system allows a perpetrator to upload arbitrary files and execute arbitrary code.
The vulnerability of the Firmware Upload Handler component of the Siemens RUGGEDCOM CROSSBOW access control system lies in improper external manipulation of file names or files. Exploiting this vulnerability allows a remote attacker to upload arbitrary files and execute arbitrary code...
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system, related to the lack of protection for operational data, allows a intruder to gain unauthorized access to confidential information.
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protection for operational data. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to confidential information...
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system allows a intruder to re-record any files in the system.
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the validation of input data during the processing of sequence bypasses for directories. Exploiting this vulnerability allows a malicious actor to re-record any files in the system...
The vulnerability of the Firmware Upload Handler component of the Siemens RUGGEDCOM CROSSBOW secure access control system allows a perpetrator to upload arbitrary files and execute arbitrary code.
The vulnerability of the Firmware Upload Handler component of the Siemens RUGGEDCOM CROSSBOW access control system is related to incorrect external manipulation of file names or files. Exploiting this vulnerability allows a malicious actor to upload arbitrary files and execute arbitrary code...
Siemens RUGGEDCOM CROSSBOW Missing Critical Function Authentication Vulnerability
Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. A security vulnerability exists in Siemens RUGGEDCOM CROSSBOW due to an affected system allowing any unauthenticated client to disconnect any active user from the server. An attacker could exploit this...
Siemens RUGGEDCOM CROSSBOW File Name or Path External Control Vulnerability (CNVD-2024-27529)
Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from a filename or path external control vulnerability due to an affected system allowing a privileged user to upload firmware files to the root installation director...
Siemens RUGGEDCOM CROSSBOW SQL Injection Vulnerability
Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from a SQL injection vulnerability due to a failure of an affected client system to properly filter input data before sending it to the SQL server. An attacker could...
Siemens RUGGEDCOM CROSSBOW Path Traversal Vulnerability
Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. A path traversal vulnerability exists in Siemens RUGGEDCOM CROSSBOW, which can be exploited by an attacker to overwrite arbitrary files...
Siemens RUGGEDCOM CROSSBOW File Name or Path External Control Vulnerability (CNVD-2024-27530)
Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from a File Name or Path External Control vulnerability due to an affected system allowing a privileged user to upload generic files to the root installation director...
Siemens RUGGEDCOM CROSSBOW File Name or Path External Control Vulnerability
Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from a filename or path external control vulnerability due to a bulk import feature on the affected system that allows a privileged user to upload files to the root...