Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-6864 | 1 Siemens | 1 Ruggedcom Rox I | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks. | |||||
CVE-2017-2689 | 1 Siemens | 1 Ruggedcom Rox I | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings. | |||||
CVE-2017-2688 | 1 Siemens | 1 Ruggedcom Rox I | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a malicious website, aka CSRF. | |||||
CVE-2017-2687 | 1 Siemens | 1 Ruggedcom Rox I | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link. | |||||
CVE-2017-2686 | 1 Siemens | 1 Ruggedcom Rox I | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information. |