Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens ruggedcom crossbow vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-37372
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an unauthenticated remote malicious users to execute arbitrary SQL queries on the server database.
Siemens Ruggedcom Crossbow
8.8
CVSSv3
CVE-2023-27411
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an authenticated remote malicious users to execute arbitrary SQL queries on the server database and escalate privileges.
Siemens Ruggedcom Crossbow
8.8
CVSSv3
CVE-2023-27463
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The audit log form of affected applications is vulnerable to SQL injection. This could allow authenticated remote malicious users to execute arbitrary SQL queries on the server database.
Siemens Ruggedcom Crossbow
8.8
CVSSv3
CVE-2023-27309
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions for specific write queries. This could allow an authenticated remote malicious user to perform unauthoriz...
Siemens Ruggedcom Crossbow
8.8
CVSSv3
CVE-2023-27310
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions when assigning groups to user accounts. This could allow an authenticated remote malicious user to assign...
Siemens Ruggedcom Crossbow
7.5
CVSSv3
CVE-2023-37373
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications accept unauthenticated file write messages. An unauthenticated remote attacker could write arbitrary files to the affected application's file system.
Siemens Ruggedcom Crossbow
4.3
CVSSv3
CVE-2023-27462
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The client query handler of the affected application fails to check for proper permissions for specific read queries. This could allow authenticated remote malicious users to access data they are ...
Siemens Ruggedcom Crossbow
NA
CVE-2024-27939
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow the upload of arbitrary files of any unauthenticated user. An attacker could leverage this vulnerability and achieve arbitrary code execution with system privileges.
NA
CVE-2024-27940
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any authenticated user to send arbitrary SQL commands to the SQL server. An attacker could use this vulnerability to compromise the whole database.
NA
CVE-2024-27941
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected client systems do not properly sanitize input data before sending it to the SQL server. An attacker could use this vulnerability to compromise the whole database.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »