128 matches found
CVE-2025-24342
A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernames via multiple crafted HTTP requests...
CVE-2025-24340
A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated low-privileged attacker to recover the plaintext passwords of other users...
CVE-2025-24338
A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to execute arbitrary client-side code in the context of another user's browser via multiple crafted HTTP requests...
CVE-2025-24341
A vulnerability in the web application of ctrlX OS allows a remote authenticated low-privileged attacker to induce a Denial-of-Service DoS condition on the device via multiple crafted HTTP requests. In the worst case, a full power cycle is needed to regain control of the device...
CVE-2025-24341
A vulnerability in the web application of ctrlX OS allows a remote authenticated low-privileged attacker to induce a Denial-of-Service DoS condition on the device via multiple crafted HTTP requests. In the worst case, a full power cycle is needed to regain control of the device...
CVE-2025-24341
The CVE-2025-24341 vulnerability affects the web application of ctrlX OS. A remote authenticated (low-privileged) attacker can induce a Denial-of-Service (DoS) on the device by sending multiple crafted HTTP requests, with the worst case requiring a full power cycle to regain control. According to...
CVE-2025-24340
CVE-2025-24340 affects ctrlX OS. The vulnerability is in the users configuration file, allowing a remote authenticated (low-privileged) attacker to recover plaintext passwords of other users. CVSS 3.1 base score 6.5 (Network, Low AWS, Privileges Required: Low, User Interaction: None, Confidential...
CVE-2025-24340
A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated low-privileged attacker to recover the plaintext passwords of other users...
CVE-2025-24340
A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated low-privileged attacker to recover the plaintext passwords of other users...
CVE-2025-24339
A vulnerability in the web application of ctrlX OS allows a remote unauthenticated attacker to conduct various attacks against users of the vulnerable system, including web cache poisoning or Man-in-the-Middle MitM, via a crafted HTTP request...
CVE-2025-24339
A vulnerability in the web application of ctrlX OS allows a remote unauthenticated attacker to conduct various attacks against users of the vulnerable system, including web cache poisoning or Man-in-the-Middle MitM, via a crafted HTTP request...
CVE-2025-24338
A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to execute arbitrary client-side code in the context of another user's browser via multiple crafted HTTP requests...
CVE-2025-24338
CVE-2025-24338 affects the web application of ctrlX OS, specifically the "Manages app data" functionality. A remote authenticated (low privilege) attacker can execute arbitrary client-side code in another user’s browser by sending multiple crafted HTTP requests. Evidence from multiple sources con...
CVE-2025-24338
A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated lowprivileged attacker to execute arbitrary client-side code in the context of another user's browser via multiple crafted HTTP requests...
Bosch Rexroth ctrlX OS 安全漏洞
Bosch Rexroth ctrlX OS is a Linux-based real-time operating system from Bosch Rexroth, an open control platform designed for industrial automation equipment. A security vulnerability exists in Bosch Rexroth ctrlX OS, which originates from a specially crafted HTTP request in the certificate and ke...
Bosch Rexroth ctrlX OS 安全漏洞
Bosch Rexroth ctrlX OS is a Linux-based real-time operating system from Bosch Rexroth, Germany, designed as an open control platform for industrial automation equipment. A security vulnerability exists in Bosch Rexroth ctrlX OS that stems from mishandling of error notification messages, which cou...
Bosch Rexroth ctrlX OS 安全漏洞
Bosch Rexroth ctrlX OS is a Linux-based real-time operating system from Bosch Rexroth, an open control platform designed for industrial automation equipment. A security vulnerability exists in Bosch Rexroth ctrlX OS, which originates from a specially crafted HTTP request in the remote logging...
Bosch Rexroth ctrlX OS 安全漏洞
Bosch Rexroth ctrlX OS is a Linux-based real-time operating system from Bosch Rexroth, an open control platform designed for industrial automation equipment. A security vulnerability exists in Bosch Rexroth ctrlX OS that stems from improper handling of user configuration files, which could lead t...
Bosch Rexroth ctrlX OS 安全漏洞
Bosch Rexroth ctrlX OS is a Linux-based real-time operating system from Bosch Rexroth, an open control platform designed for industrial automation equipment. A security vulnerability exists in Bosch Rexroth ctrlX OS, which stems from improper Proxy functionality that could lead to tampering with...
Bosch Rexroth ctrlX OS 安全漏洞
Bosch Rexroth ctrlX OS is a Linux-based real-time operating system from Bosch Rexroth, Germany, designed as an open control platform for industrial automation equipment. A security vulnerability exists in Bosch Rexroth ctrlX OS that originates from a specially crafted HTTP request in the web...