Siemens Ruggedcom Crossbow
16 CVEs affecting Siemens Ruggedcom Crossbow. Latest disclosed: 2024-05-14. Critical: 2, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-27939 | Critical | 9.8 | 2024-05-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow the upload of arbitrary files of any unauthenticate… |
CVE-2023-37372 | Critical | 9.8 | 2023-08-08 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an… |
CVE-2024-27941 | High | 8.8 | 2024-05-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected client systems do not properly sanitize input data before sending… |
CVE-2024-27940 | High | 8.8 | 2024-05-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any authenticated user to send arbitrary SQL comman… |
CVE-2023-27411 | High | 8.8 | 2023-08-08 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an… |
CVE-2023-27463 | High | 8.8 | 2023-03-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The audit log form of affected applications is vulnerable to SQL injection. Th… |
CVE-2024-27942 | High | 7.5 | 2024-05-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any unauthenticated client to disconnect any active… |
CVE-2024-27945 | High | 7.2 | 2024-05-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The bulk import feature of the affected systems allow a privileged user to upl… |
CVE-2024-27944 | High | 7.2 | 2024-05-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload firmware files to the r… |
CVE-2024-27943 | High | 7.2 | 2024-05-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload generic files to the ro… |
CVE-2023-27310 | Medium | 6.6 | 2023-03-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper… |
CVE-2024-27946 | Medium | 6.5 | 2024-05-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). Downloading files overwrites files with the same name in the installation di… |
CVE-2024-27947 | Medium | 5.3 | 2024-05-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems could allow log messages to be forwarded to a specific cl… |
CVE-2023-37373 | Medium | 5.3 | 2023-08-08 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications accept unauthenticated file write messages. An unaut… |
CVE-2023-27309 | Medium | 5.0 | 2023-03-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper… |
CVE-2023-27462 | Low | 3.1 | 2023-03-14 | A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The client query handler of the affected application fails to check for proper… |