Vulnerability Details CVE-2022-29561
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The web interface of the affected devices are vulnerable to Cross-Site Request Forgery attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.2%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-29561
-
cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-
-
cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-
-
cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-
-
cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-
-
cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-
-
cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-
-
cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-
-
cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-
-
cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-
-
cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-
-
cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-
-
cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:2.14.0
-
cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:2.14.1
-
cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:2.14.0
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:2.14.1
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:2.14.0
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:2.14.1
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:2.14.0
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:2.14.1
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:2.14.0
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:2.14.1
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:2.14.0
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:2.14.1
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:2.14.0
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:2.14.1
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:2.14.1
-
cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:2.14.1
-
cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:2.14.0
-
cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:2.14.1