Rexroth Security Vulnerabilities
The vulnerability allows a remote attacker to authenticate to the web application with high privileges through multiple hidden hard-coded...
9.8CVSS
9.2AI Score
0.001EPSS
The vulnerability allows an authenticated remote attacker to upload a malicious file to the SD card containing arbitrary client-side script code and obtain its execution inside a victim’s session via a crafted URL, HTTP request, or simply by waiting for the victim to view the poisoned...
5.5CVSS
5.7AI Score
0.001EPSS
The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim’s session via a crafted URL or HTTP...
6.1CVSS
6.5AI Score
0.001EPSS
The vulnerability allows an unauthenticated remote attacker to send malicious network requests containing arbitrary client-side script code and obtain its execution inside a victim’s session via a crafted URL, HTTP request, or simply by waiting for the victim to view the poisoned...
6.3CVSS
6.5AI Score
0.001EPSS
The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by...
8.8CVSS
8.8AI Score
0.001EPSS
The vulnerability allows an authenticated remote attacker to perform actions exceeding their authorized access via crafted HTTP...
8.8CVSS
8.4AI Score
0.001EPSS
The vulnerability allows a remote attacker to authenticate to the SSH service with root privileges through a hidden hard-coded...
9.8CVSS
9.2AI Score
0.001EPSS
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network...
9.8CVSS
9.4AI Score
0.002EPSS
The vulnerability allows a remote attacker to upload arbitrary files in all paths of the system under the context of the application OS user (“root”) via a crafted HTTP request. By abusing this vulnerability, it is possible to obtain remote code execution (RCE) with root privileges on the...
8.8CVSS
8.7AI Score
0.001EPSS
The vulnerability allows an unauthenticated remote attacker to upload arbitrary files under the context of the application OS user (“root”) via a crafted HTTP...
9.8CVSS
9.2AI Score
0.001EPSS
The vulnerability allows an unauthenticated remote attacker to read arbitrary files under the context of the application OS user (“root”) via a crafted HTTP...
7.5CVSS
7.4AI Score
0.001EPSS
The vulnerability allows a remote attacker to download arbitrary files in all paths of the system under the context of the application OS user (“root”) via a crafted HTTP...
6.5CVSS
6.3AI Score
0.001EPSS
The vulnerability allows a remote authenticated attacker to read or update arbitrary content of the authentication database via a crafted HTTP request. By abusing this vulnerability it is possible to exfiltrate other users’ password hashes or update them with arbitrary values and access their...
8.8CVSS
8.3AI Score
0.001EPSS
The vulnerability allows a remote attacker to delete arbitrary files on the file system via a crafted URL or HTTP request through a victim’s...
8.1CVSS
7.8AI Score
0.001EPSS
The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim’s session via a crafted URL or HTTP...
6.1CVSS
6.5AI Score
0.001EPSS
The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP...
7.5CVSS
7.4AI Score
0.001EPSS
The vulnerability allows a remote attacker to inject arbitrary HTTP response headers or manipulate HTTP response bodies inside a victim’s session via a crafted URL or HTTP...
6.3CVSS
6.2AI Score
0.001EPSS
The vulnerability allows an authenticated remote attacker to download arbitrary files in all paths of the system under the context of the application OS user (“root”) via a crafted HTTP...
6.5CVSS
6.3AI Score
0.001EPSS
The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP...
7.5CVSS
7.4AI Score
0.001EPSS
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network...
9.8CVSS
9.4AI Score
0.002EPSS
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network...
9.8CVSS
9.4AI Score
0.002EPSS
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network...
9.8CVSS
9.4AI Score
0.002EPSS
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network...
9.8CVSS
9.4AI Score
0.002EPSS
The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP...
7.5CVSS
7.4AI Score
0.001EPSS
The vulnerability allows an authenticated remote attacker to list arbitrary folders in all paths of the system under the context of the application OS user (“root”) via a crafted HTTP request. By abusing this vulnerability, it is possible to steal session cookies of other active...
6.5CVSS
6.3AI Score
0.001EPSS
The vulnerability allows an unprivileged (untrusted) third- party application to arbitrary modify the server settings of the Android Client application, inducing it to connect to an attacker - controlled malicious server.This is possible by forging a valid broadcast intent encrypted with a...
7.8CVSS
7.3AI Score
0.0004EPSS
The vulnerability allows a low privileged (untrusted) application to modify a critical system property that should be denied, in order to enable the ADB (Android Debug Bridge) protocol to be exposed on the network, exploiting it to gain a privileged shell on the device without requiring the...
7.9CVSS
7.4AI Score
0.0004EPSS
The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself abusing the lack of authentication of the ‘su’ binary file installed on the device that can be accessed through the ADB (Android Debug Bridge) protocol exposed...
8.8CVSS
8.8AI Score
0.001EPSS
The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application...
7.1CVSS
4AI Score
0.0004EPSS
The Android Client application, when enrolled with the define method 1(the user manually inserts the server ip address), use HTTP protocol to retrieve sensitive information (ip address and credentials to connect to a remote MQTT broker entity) instead of HTTPS and this feature is not configurable.....
8.8CVSS
8.2AI Score
0.001EPSS
The vulnerability allows a low privileged user that have access to the device when locked in Kiosk mode to install an arbitrary Android application and leverage it to have access to critical device settings such as the device power management or eventually the device secure settings (ADB...
6.8CVSS
7AI Score
0.001EPSS
The Android Client application, when enrolled with the define method 1 (the user manually inserts the server ip address), use HTTP protocol to retrieve sensitive information (ip address and credentials to connect to a remote MQTT broker entity) instead of HTTPS and this feature is not...
8.8CVSS
8.3AI Score
0.0005EPSS
The Android Client application, when enrolled to the AppHub server,connects to an MQTT broker without enforcing any server authentication. This issue allows an attacker to force the Android Client application to connect to a malicious MQTT broker, enabling it to send fake messages to the HMI...
8.8CVSS
8.3AI Score
0.001EPSS
The Android Client application, when enrolled to the AppHub server, connects to an MQTT broker to exchange messages and receive commands to execute on the HMI device. The protocol builds on top of MQTT to implement the remote management of the device is encrypted with a hard-coded DES symmetric...
8.8CVSS
8.7AI Score
0.001EPSS
The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a client’s computer by sending the client a manipulated...
10CVSS
6AI Score
0.001EPSS
Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the...
10CVSS
7.9AI Score
0.003EPSS
Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication. Additionally, device details are exposed which include the serial number and the firmware version by another...
8.6CVSS
8.6AI Score
0.002EPSS
The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow...
8.6CVSS
7.5AI Score
0.002EPSS