CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if available in the backup - is encrypted, while the backup file itself remains unencrypted...

7.1CVSS0.00024EPSS

Exploits0References1

CNNVD•added 2025/08/14 12:0 a.m.•3 views

Bosch Rexroth ctrlX OS 安全漏洞

Bosch Rexroth ctrlX OS is a Linux-based real-time operating system from Bosch Rexroth, an open control platform designed for industrial automation equipment. A security vulnerability exists in Bosch Rexroth ctrlX OS, which stems from an improperly controlled privilege of the backup mechanism and...

8CVSS6.5AI score0.00057EPSS

Exploits0References1

CNNVD•added 2025/08/14 12:0 a.m.•4 views

BOSCH ctrlX OS 安全漏洞

BOSCH ctrlX OS is a Linux-based real-time operating system from the German company BOSCH. A security vulnerability exists in BOSCH ctrlX OS that stems from an unclear description of backup file encryption, which could lead to a user misinterpreting the backup file encryption status...

7.1CVSS6.6AI score0.00024EPSS

Exploits0References1

Positive Technologies•added 2025/08/14 12:0 a.m.•3 views

PT-2025-33138 · Ctrlx Os · Ctrlx Os

Name of the Vulnerable Software and Affected Versions: ctrlX OS affected versions not specified Description: A vulnerability in the web application of the ctrlX OS setup mechanism allowed an authenticated attacker with low privileges to gain remote access to backup archives created by a user with...

8CVSS6.3AI score0.00057EPSS

Exploits0References5

RedhatCVE•added 2025/05/02 12:15 p.m.•7 views

CVE-2025-24341

A vulnerability in the web application of ctrlX OS allows a remote authenticated low-privileged attacker to induce a Denial-of-Service DoS condition on the device via multiple crafted HTTP requests. In the worst case, a full power cycle is needed to regain control of the device...

6.5CVSS6.7AI score0.0043EPSS

Exploits0References1

RedhatCVE•added 2025/05/02 12:15 p.m.•13 views

CVE-2025-24345

A vulnerability in the “Hosts” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the “hosts” file in an unintended manner via a crafted HTTP request...

6.3CVSS6.6AI score0.00236EPSS

Exploits0References1

RedhatCVE•added 2025/05/02 12:15 p.m.•9 views

CVE-2025-24347

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the network configuration file via a crafted HTTP request...

6.5CVSS6.6AI score0.00179EPSS

Exploits0References1

RedhatCVE•added 2025/05/02 12:12 p.m.•8 views

CVE-2025-24343

A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to write arbitrary files in arbitrary file system paths via a crafted HTTP request...

5.4CVSS6.7AI score0.00491EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by