Lucene search
K

187 matches found

Vulnrichment
Vulnrichment
added 2024/05/14 10:2 a.m.9 views

CVE-2024-27947

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems could allow log messages to be forwarded to a specific client under certain circumstances. An attacker could leverage this vulnerability to forward log messages to a specific compromised client...

5.3CVSS6.5AI score0.00571EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 10:2 a.m.51 views

CVE-2024-27947

CVE-2024-27947 affects Siemens RUGGEDCOM CROSSBOW (all versions prior to v5.5). The issue is information disclosure where log messages can be forwarded to a specific client under certain circumstances, enabling an attacker to forward logs to a compromised client. Connected advisories consistently...

5.3CVSS6.4AI score0.00571EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/14 10:2 a.m.23 views

CVE-2024-27947

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems could allow log messages to be forwarded to a specific client under certain circumstances. An attacker could leverage this vulnerability to forward log messages to a specific compromised client...

5.3CVSS5.2AI score0.00571EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 10:2 a.m.59 views

CVE-2024-27946

CVE-2024-27946 affects Siemens RUGGEDCOM CROSSBOW (all versions before V5.5). The issue is a path traversal/file download weakness that lets an attacker overwrite arbitrary files in the installation directory by supplying a target filename, given the attacker has the required privileges. Affected...

6.5CVSS6.7AI score0.00908EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/14 10:2 a.m.17 views

CVE-2024-27946

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. Downloading files overwrites files with the same name in the installation directory of the affected systems. The filename for the target file can be specified, thus arbitrary files can be overwritten by an attacker with...

6.5CVSS6.5AI score0.00908EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/14 10:2 a.m.23 views

CVE-2024-27945

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The bulk import feature of the affected systems allow a privileged user to upload files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achie...

7.2CVSS7.3AI score0.01352EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/14 10:2 a.m.19 views

CVE-2024-27945

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The bulk import feature of the affected systems allow a privileged user to upload files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achie...

7.2CVSS7.5AI score0.01352EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 10:2 a.m.60 views

CVE-2024-27945

Affected product: Siemens RUGGEDCOM CROSSBOW. Vulnerability: External control of file name or path via the bulk import feature, enabling a privileged user to upload files to the root installation directory and potentially tamper files or achieve remote code execution. Root cause/vector: Bulk impo...

7.2CVSS7.5AI score0.01352EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/14 10:2 a.m.18 views

CVE-2024-27944

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow a privileged user to upload firmware files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code...

7.2CVSS7.6AI score0.01406EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 10:2 a.m.50 views

CVE-2024-27944

Siemens RUGGEDCOM CROSSBOW is affected by CVE-2024-27944 (and related CVEs in the same advisory) for all versions prior to V5.5. The issue is external control of file name or path in the Firmware Upload Handler, enabling a privileged user to upload firmware to the root installation directory and ...

7.2CVSS7.5AI score0.01406EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/14 10:2 a.m.19 views

CVE-2024-27944

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow a privileged user to upload firmware files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code...

7.2CVSS7.4AI score0.01406EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 10:2 a.m.63 views

CVE-2024-27943

Siemens RUGGEDCOM CROSSBOW is affected by CVE-2024-27943 (all versions

7.2CVSS7.5AI score0.01258EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/14 10:2 a.m.13 views

CVE-2024-27943

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow a privileged user to upload generic files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code...

7.2CVSS7.3AI score0.01258EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/14 10:2 a.m.11 views

CVE-2024-27943

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow a privileged user to upload generic files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code...

7.2CVSS7.5AI score0.01258EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/14 10:2 a.m.15 views

CVE-2024-27942

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow any unauthenticated client to disconnect any active user from the server. An attacker could use this vulnerability to prevent any user to perform actions in the system, causing a denial of...

7.5CVSS6.7AI score0.00687EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/14 10:2 a.m.17 views

CVE-2024-27942

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow any unauthenticated client to disconnect any active user from the server. An attacker could use this vulnerability to prevent any user to perform actions in the system, causing a denial of...

7.5CVSS7.4AI score0.00687EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 10:2 a.m.61 views

CVE-2024-27942

Consolidated details for CVE-2024-27942: RUGGEDCOM CROSSBOW is affected in all versions prior to V5.5. The flaw allows any unauthenticated client to disconnect an active user from the server, enabling a denial-of-service condition. CVSS base score 7.5 ( HIGH ), network attack vector, low complexi...

7.5CVSS6.6AI score0.00687EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/14 10:2 a.m.19 views

CVE-2024-27941

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected client systems do not properly sanitize input data before sending it to the SQL server. An attacker could use this vulnerability to compromise the whole database...

8.8CVSS7.1AI score0.00781EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/14 10:2 a.m.14 views

CVE-2024-27940

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.5. The affected systems allow any authenticated user to send arbitrary SQL commands to the SQL server. An attacker could use this vulnerability to compromise the whole database...

8.8CVSS7.3AI score0.00781EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 10:2 a.m.53 views

CVE-2024-27940

CVE-2024-27940 affects Siemens/RUGGEDCOM CROSSBOW (versions prior to V5.5). Multiple sources confirm an SQL injection vulnerability that allows any authenticated user to send arbitrary SQL commands to the SQL server, potentially compromising the entire database. Publicly documented impact include...

8.8CVSS7.2AI score0.00781EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder