22 matches found
CVE-2017-6864
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...
CVE-2017-6864
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...
CVE-2017-2688
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a...
CVE-2017-2687
Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...
CVE-2017-2689
Siemens RUGGEDCOM ROX I all versions allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings...
CVE-2017-2687
Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...
CVE-2017-2686
Siemens RUGGEDCOM ROX I all versions contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information...
Cross site scripting
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...
Cross site scripting
Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...
Design/Logic Flaw
Siemens RUGGEDCOM ROX I all versions allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings...
Cross site request forgery (csrf)
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a...
CVE-2017-6864
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...
CVE-2017-2687
Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...
CVE-2017-2688
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a...
CVE-2017-2688
The CVE-2017-2688 entry affects Siemens RUGGEDCOM ROX I (all versions) via the integrated web server on port 10000/TCP. The issue is a Cross-Site Request Forgery (CSRF) where an authenticated user who has an active session can be induced to click a malicious link or visit a malicious site, allowi...
CVE-2017-2689
CVE-2017-2689 affects Siemens RUGGEDCOM ROX I (all versions). An authenticated user can bypass access restrictions in the web interface on port 10000/TCP to obtain privileged file-system access or change configuration settings. Root cause: Improper Authorization (CWE-285) with CVSS v3 base score ...
CVE-2017-2689
Siemens RUGGEDCOM ROX I all versions allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings...
CVE-2017-2686
Siemens RUGGEDCOM ROX I all versions contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information...
Siemens RUGGEDCOM ROX I Cross-Site Scripting Vulnerability (CNVD-2017-03649)
Siemens RuggedCom ROX-based firewall devices are used for device connectivity in harsh environments, such as substations, traffic management chassis, and more. A cross-site scripting vulnerability exists in Siemens RUGGEDCOM ROX I, which can be exploited by an attacker to conduct cross-site...
Siemens RUGGEDCOM ROX I Cross-Site Scripting Vulnerability
Siemens RuggedCom ROX-based firewall devices are used for device connectivity in harsh environments, such as substations, traffic management chassis, and more. A cross-site scripting vulnerability exists in Siemens RUGGEDCOM ROX I, which can be exploited by an attacker to conduct a cross-site...