Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Ruggedcom Crossbow Security Vulnerabilities - 2023

cve
cve

CVE-2023-27309

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions for specific write queries. This could allow an authenticated remote attacker to perform unauthorized actions.

8.8CVSS

5.7AI Score

0.002EPSS

2023-03-14 10:15 AM
26
cve
cve

CVE-2023-27310

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions when assigning groups to user accounts. This could allow an authenticated remote attacker to assign administrative groups to...

8.8CVSS

6.7AI Score

0.002EPSS

2023-03-14 10:15 AM
23
cve
cve

CVE-2023-27411

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an authenticated remote attackers to execute arbitrary SQL queries on the server database and escalate privileges.

8.8CVSS

8.9AI Score

0.001EPSS

2023-08-08 10:15 AM
15
cve
cve

CVE-2023-27462

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The client query handler of the affected application fails to check for proper permissions for specific read queries. This could allow authenticated remote attackers to access data they are not authorized for.

4.3CVSS

3.9AI Score

0.001EPSS

2023-03-14 10:15 AM
17
cve
cve

CVE-2023-27463

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The audit log form of affected applications is vulnerable to SQL injection. This could allow authenticated remote attackers to execute arbitrary SQL queries on the server database.

8.8CVSS

8.8AI Score

0.001EPSS

2023-03-14 10:15 AM
25
cve
cve

CVE-2023-37372

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an unauthenticated remote attackers to execute arbitrary SQL queries on the server database.

9.8CVSS

9.7AI Score

0.001EPSS

2023-08-08 10:15 AM
18
cve
cve

CVE-2023-37373

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications accept unauthenticated file write messages. An unauthenticated remote attacker could write arbitrary files to the affected application's file system.

7.5CVSS

7.4AI Score

0.001EPSS

2023-08-08 10:15 AM
17