CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2025/12/15 12:0 a.m.•1 views

Siemens RUGGEDCOM ROX II Command Injection Vulnerability (CNVD-2026-00016)

Siemens RUGGEDCOM ROX II is an operating system for industrial applications from Siemens, Germany. Siemens RUGGEDCOM ROX II suffers from a command injection vulnerability that is caused by insufficient authentication during the installation and loading of certain configuration files. An attacker...

8.6CVSS8.5AI score0.00017EPSS

CNVD•added 2025/12/15 12:0 a.m.•2 views

Siemens RUGGEDCOM ROX II Injection Vulnerability (CNVD-2026-00020)

Siemens RUGGEDCOM ROX II is an operating system for industrial applications from Siemens, Germany. Siemens RUGGEDCOM ROX II suffers from an injection vulnerability that stems from insufficient validation of SCEP client fields, which can be exploited by an attacker to cause execution of arbitrary...

8.6CVSS7.7AI score0.00022EPSS

CNVD•added 2025/12/15 12:0 a.m.•1 views

Siemens RUGGEDCOM ROX II Injection Vulnerability

8.8CVSS7.7AI score0.00019EPSS

CNVD•added 2025/12/15 12:0 a.m.•2 views

Siemens RUGGEDCOM ROX II Command Injection Vulnerability

Siemens RUGGEDCOM ROX II is an operating system for industrial applications from Siemens, Germany. Siemens RUGGEDCOM ROX II suffers from a command injection vulnerability that is caused by a flaw in the dynamic DNS configuration process. An attacker can exploit the vulnerability to execute...

8.8CVSS8.4AI score0.00015EPSS

CNVD•added 2025/12/15 12:0 a.m.•3 views

Siemens RUGGEDCOM ROX II Injection Vulnerability (CNVD-2026-00018)

7.5CVSS7.7AI score0.00028EPSS

RedhatCVE•added 2025/12/10 11:33 a.m.•3 views

CVE-2024-56838

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...

8.6CVSS9.3AI score0.00022EPSS

RedhatCVE•added 2025/12/10 11:33 a.m.•4 views

CVE-2024-56836

8.8CVSS9AI score0.00015EPSS

RedhatCVE•added 2025/12/10 11:33 a.m.•2 views

CVE-2024-56835

8.8CVSS9.1AI score0.00019EPSS

RedhatCVE•added 2025/12/10 11:33 a.m.•2 views

CVE-2024-56840

7.5CVSS9.4AI score0.00028EPSS

RedhatCVE•added 2025/12/10 11:33 a.m.•4 views

CVE-2024-56839

8.6CVSS9.5AI score0.00028EPSS

EUVD•added 2025/12/09 6:30 p.m.•2 views

EUVD-2024-55308

A vulnerability has been identified in RUGGEDCOM ROX II family All versions V2.17.0. During the Dynamic DNS configuration of the affected product it is possible to inject additional configuration parameters. Under certain circumstances, an attacker could leverage this vulnerability to spawn a...

7.7CVSS6.5AI score0.00015EPSS

7.5CVSS7.6AI score0.00028EPSS

EUVD-2024-55304

A vulnerability has been identified in RUGGEDCOM ROX II family All versions V2.17.0. Under certain conditions, IPsec may allow code injection in the affected device. An attacker could leverage this scenario to execute arbitrary code as root user...

8.6CVSS6.5AI score0.00017EPSS

EUVD-2024-55307

A vulnerability has been identified in RUGGEDCOM ROX II family All versions V2.17.0. Due to the insufficient validation during the installation and load of certain configuration files of the affected device, an attacker could spawn a reverse shell and gain root access on the affected system...

8.6CVSS7.4AI score0.00022EPSS

EUVD-2024-55306

A vulnerability has been identified in RUGGEDCOM ROX II family All versions V2.17.0. The SCEP client available in the affected device for secure certificate enrollment lacks validation of multiple fields. An attacker could leverage this scenario to execute arbitrary code as root user...

EUVD•added 2025/12/09 6:30 p.m.•2 views

EUVD-2024-55309

A vulnerability has been identified in RUGGEDCOM ROX II family All versions V2.17.0. The DHCP Server configuration file of the affected products is subject to code injection. An attacker could leverage this vulnerability to spawn a reverse shell and gain root access on the affected system...

8.8CVSS6.8AI score0.00019EPSS

8.6CVSS7.7AI score0.00028EPSS

EUVD-2024-55305

A vulnerability has been identified in RUGGEDCOM ROX II family All versions V2.17.0. Code injection can be achieved when the affected device is using VRF Virtual Routing and Forwarding. An attacker could leverage this scenario to execute arbitrary code as root user...