378 matches found
Siemens Ruggedcom ROX Improper Input Validation (CVE-2024-5642)
CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due to NPN being not...
Siemens RUGGEDCOM ROX II Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2024-56839)
Code injection can be achieved when the affected device is using VRF Virtual Routing and Forwarding. An attacker could leverage this scenario to execute arbitrary code as root user. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Siemens Ruggedcom ROX Buffer Over-read (CVE-2020-22217)
Buffer overflow vulnerability in c-ares before 1161 thru 1170 via function aresparsesoareply in aresparsesoareply.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
CVE-2025-68737
In the Linux kernel, the following vulnerability has been resolved: arm64/pageattr: Propagate return value from changememorycommon The rodata=on security measure requires that any code path which does vmalloc - setmemoryro/setmemoryrox must protect the linear map alias too. Therefore, if such a...
Siemens RUGGEDCOM ROX II Command Injection Vulnerability
Siemens RUGGEDCOM ROX II is an operating system for industrial applications from Siemens, Germany. Siemens RUGGEDCOM ROX II suffers from a command injection vulnerability that is caused by a flaw in the dynamic DNS configuration process. An attacker can exploit the vulnerability to execute...
Siemens RUGGEDCOM ROX II Command Injection Vulnerability (CNVD-2026-00016)
Siemens RUGGEDCOM ROX II is an operating system for industrial applications from Siemens, Germany. Siemens RUGGEDCOM ROX II suffers from a command injection vulnerability that is caused by insufficient authentication during the installation and loading of certain configuration files. An attacker...
Siemens RUGGEDCOM ROX II Injection Vulnerability
Siemens RUGGEDCOM ROX II is an operating system for industrial applications from Siemens, Germany. Siemens RUGGEDCOM ROX II suffers from an injection vulnerability that can be exploited by an attacker to gain root privileges...
Siemens RUGGEDCOM ROX II Injection Vulnerability (CNVD-2026-00018)
Siemens RUGGEDCOM ROX II is an operating system for industrial applications from Siemens, Germany. Siemens RUGGEDCOM ROX II suffers from an injection vulnerability that can be exploited by an attacker to cause execution of arbitrary code...
Siemens RUGGEDCOM ROX II Injection Vulnerability (CNVD-2026-00020)
Siemens RUGGEDCOM ROX II is an operating system for industrial applications from Siemens, Germany. Siemens RUGGEDCOM ROX II suffers from an injection vulnerability that stems from insufficient validation of SCEP client fields, which can be exploited by an attacker to cause execution of arbitrary...
Siemens RUGGEDCOM ROX II Injection Vulnerability (CNVD-2026-00019)
Siemens RUGGEDCOM ROX II is an operating system for industrial applications from Siemens, Germany. Siemens RUGGEDCOM ROX II suffers from an injection vulnerability that can be exploited by an attacker to cause execution of arbitrary code...
CVE-2024-56835
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...
CVE-2024-56838
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...
CVE-2024-56836
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...
CVE-2024-56840
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...
CVE-2024-56837
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...
CVE-2024-56839
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...
EUVD-2024-55304
A vulnerability has been identified in RUGGEDCOM ROX II family All versions V2.17.0. Under certain conditions, IPsec may allow code injection in the affected device. An attacker could leverage this scenario to execute arbitrary code as root user...
EUVD-2024-55309
A vulnerability has been identified in RUGGEDCOM ROX II family All versions V2.17.0. The DHCP Server configuration file of the affected products is subject to code injection. An attacker could leverage this vulnerability to spawn a reverse shell and gain root access on the affected system...
EUVD-2024-55307
A vulnerability has been identified in RUGGEDCOM ROX II family All versions V2.17.0. Due to the insufficient validation during the installation and load of certain configuration files of the affected device, an attacker could spawn a reverse shell and gain root access on the affected system...
EUVD-2024-55305
A vulnerability has been identified in RUGGEDCOM ROX II family All versions V2.17.0. Code injection can be achieved when the affected device is using VRF Virtual Routing and Forwarding. An attacker could leverage this scenario to execute arbitrary code as root user...