CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-41372

The vulnerability allows an unprivileged (untrusted) third- party application to arbitrary modify the server settings of the Android Client application, inducing it to connect to an attacker - controlled malicious server.This is possible by forging a valid broadcast intent encrypted with a hardcoded RSA key pair

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 22.4%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2023-41372

Boschrexroth » Ctrlx Hmi Web Panel Wr2107 » Version: N/A

cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2107:-
Boschrexroth » Ctrlx Hmi Web Panel Wr2110 » Version: N/A

cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2110:-
Boschrexroth » Ctrlx Hmi Web Panel Wr2115 » Version: N/A

cpe:2.3:h:boschrexroth:ctrlx_hmi_web_panel_wr2115:-
Boschrexroth » Ctrlx Hmi Web Panel Wr2107 Firmware » Version: Any

cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2107_firmware:*
Boschrexroth » Ctrlx Hmi Web Panel Wr2110 Firmware » Version: Any

cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2110_firmware:*
Boschrexroth » Ctrlx Hmi Web Panel Wr2115 Firmware » Version: Any

cpe:2.3:o:boschrexroth:ctrlx_hmi_web_panel_wr2115_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-41372

Products

Pricing

Contact Us