Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2023-36386

Published: 11/07/2023 Updated: 18/07/2023
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Ruggedcom Rox Mx5000 Firmware

Vulnerability Summary

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an malicious user to execute malicious javascript code by tricking users into accessing a malicious link. The value is reflected in the response without sanitization while throwing an “invalid params element name” error on the get_elements parameters.

Vulnerable Product Search on Vulmon Subscribe to Product

siemens ruggedcom_rox_mx5000_firmware

siemens ruggedcom_rox_mx5000re_firmware

siemens ruggedcom_rox_rx1400_firmware

siemens ruggedcom_rox_rx1500_firmware

siemens ruggedcom_rox_rx1501_firmware

siemens ruggedcom_rox_rx1510_firmware

siemens ruggedcom_rox_rx1511_firmware

siemens ruggedcom_rox_rx1512_firmware

siemens ruggedcom_rox_rx1524_firmware

siemens ruggedcom_rox_rx1536_firmware

siemens ruggedcom_rox_rx5000_firmware

References

CWE-79https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdfhttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook