Boschrexroth Ctrlx_hmi_web_panel_wr2110

9 CVEs affecting Boschrexroth Ctrlx_hmi_web_panel_wr2110. Latest disclosed: 2023-10-25. Critical: 0, High: 8.

Top CVEs affecting Boschrexroth Ctrlx_hmi_web_panel_wr2110
CVESeverityScorePublishedSummary
CVE-2023-46102High8.82023-10-25The Android Client application, when enrolled to the AppHub server, connects to an MQTT broker to exchange messages and receive commands to execute on the HMI…
CVE-2023-45851High8.82023-10-25The Android Client application, when enrolled to the AppHub server,connects to an MQTT broker without enforcing any server authentication.  This issue all…
CVE-2023-45220High8.82023-10-25The Android Client application, when enrolled with the define method 1(the user manually inserts the server ip address), use HTTP protocol to retrieve sensiti…
CVE-2023-41255High8.82023-10-25The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself abusing the lack of au…
CVE-2023-45321High8.32023-10-25The Android Client application, when enrolled with the define method 1 (the user manually inserts the server ip address), use HTTP protocol to retrieve sensit…
CVE-2023-43488High7.92023-10-25The vulnerability allows a low privileged (untrusted) application to modify a critical system property that should be denied, in order to enable the ADB (Andr…
CVE-2023-41372High7.82023-10-25The vulnerability allows an unprivileged (untrusted) third- party application to arbitrary modify the server settings of the Android Client application, induci…
CVE-2023-41960High7.12023-10-25The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the Android Agent applicati…
CVE-2023-45844Medium6.82023-10-25The vulnerability allows a low privileged user that have access to the device when locked in Kiosk mode to install an arbitrary Android application and leverag…