22 matches found
CVE-2017-6864
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...
CVE-2017-6864
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...
CVE-2017-2686
Siemens RUGGEDCOM ROX I all versions contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information...
CVE-2017-2687
Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...
CVE-2017-2688
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a...
CVE-2017-2689
Siemens RUGGEDCOM ROX I all versions allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings...
CVE-2017-2687
Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...
Cross site scripting
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...
Design/Logic Flaw
Siemens RUGGEDCOM ROX I all versions allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings...
Cross site request forgery (csrf)
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a...
Cross site scripting
Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...
CVE-2017-2689
CVE-2017-2689 affects Siemens RUGGEDCOM ROX I (all versions). An authenticated user can bypass access restrictions in the web interface on port 10000/TCP to obtain privileged file-system access or change configuration settings. Root cause: Improper Authorization (CWE-285) with CVSS v3 base score ...
CVE-2017-2689
Siemens RUGGEDCOM ROX I all versions allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings...
CVE-2017-2688
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a...
CVE-2017-6864
The integrated web server in Siemens RUGGEDCOM ROX I all versions at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks...
CVE-2017-2687
Siemens RUGGEDCOM ROX I all versions contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link...
CVE-2017-2688
The CVE-2017-2688 entry affects Siemens RUGGEDCOM ROX I (all versions) via the integrated web server on port 10000/TCP. The issue is a Cross-Site Request Forgery (CSRF) where an authenticated user who has an active session can be induced to click a malicious link or visit a malicious site, allowi...
CVE-2017-2686
Siemens RUGGEDCOM ROX I all versions contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information...
Siemens RUGGEDCOM ROX I Arbitrary File Read Vulnerability
Siemens RuggedCom ROX-based firewall devices are used for device connectivity in harsh environments, such as substations, traffic management chassis, and more. An arbitrary file read vulnerability exists in Siemens RUGGEDCOM ROX I, which can be exploited by an attacker to read arbitrary files for...
Siemens RUGGEDCOM ROX I Cross-Site Scripting Vulnerability
Siemens RuggedCom ROX-based firewall devices are used for device connectivity in harsh environments, such as substations, traffic management chassis, and more. A cross-site scripting vulnerability exists in Siemens RUGGEDCOM ROX I, which can be exploited by an attacker to conduct a cross-site...