275 matches found
Siemens RuggedCom Rox Out-of-bounds Write (CVE-2022-30790)
Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid505465;...
Siemens RuggedCom Rox Out-of-bounds Read (CVE-2019-14197)
An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfsreadreply. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
Siemens RUGGEDCOM RST2428P Integer Overflow or Wraparound (CVE-2025-13601)
A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the gescapeuristring function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the escaped string...
Siemens RuggedCom Rox Use After Free (CVE-2023-3019)
A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. This plugin only works with Tenable.ot. Please visit...
Siemens Ruggedcom Rox Improper Neutralization of Argument Delimiters in a Command (CVE-2025-40948)
Affected devices do not properly validate input in the web server's JSON-RPC interface. This could allow an authenticated remote attacker to read arbitrary files from the underlying operating system's filesystem with root privileges. This plugin only works with Tenable.ot. Please visit...
Siemens RuggedCom Rox Heap-based Buffer Overflow (CVE-2024-3447)
A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both s-datacount and the size of s-fifobuffer are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a...
Siemens RUGGEDCOM RST2428P Expired Pointer Dereference (CVE-2025-49795)
A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service. This plugin only works with Tenable.ot. Please visit...
Siemens RUGGEDCOM RST2428P Path Traversal (CVE-2025-7039)
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to...
Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-14198)
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfsreadreply when calling storeblock in the NFSv3 case. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Siemens RuggedCom Rox Classic Buffer Overflow (CVE-2022-30552)
Das U-Boot 2022.01 has a Buffer Overflow. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid505481; scriptversion"1.2";...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-10966)
curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more. This plugin only works with Tenable.ot. Please visit...
Siemens RUGGEDCOM RST2428P External Control of File Name or Path (CVE-2026-26157)
A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, potentiall...
Siemens RuggedCom Rox Path Traversal (CVE-2025-6020)
A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. This plugin only works with Tenable.ot. Please visit...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23230)
In the Linux kernel, the following vulnerability has been resolved: smb: client: split cachedfid bitfields to avoid shared-byte RMW races isopen, haslease and onlist are stored in the same bitfield byte in struct cachedfid but are updated in different code paths that may run concurrently. Bitfiel...
Siemens RuggedCom Rox Integer Underflow (Wrap or Wraparound) (CVE-2019-14192)
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an ncinputpacket call. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-14193)
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfsreadlinkreply, in the if block after calculating the new path length. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Siemens Ruggedcom Rox Uncontrolled Recursion (CVE-2019-13103)
A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data. This plugin only works with Tenable.ot. Please visit...
Siemens RuggedCom Rox Use of Weak Hash (CVE-2025-3576)
A vulnerability in the MIT Kerberos implementation allows GSSAPI- protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This m...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40214)
In the Linux kernel, the following vulnerability has been resolved: afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro consists of three stages. 1 1-a. Create a single...
Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-14204)
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfshandler reply helper function: nfsumountallreply. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...