Vulnerability Details CVE-2024-56835
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). The DHCP Server configuration file of the affected products is subject to code injection. An attacker could leverage this vulnerability to spawn a reverse shell and gain root access on the affected system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.7%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2024-56835
-
cpe:2.3:h:siemens:ruggedcom_rox_ii:-
-
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:-
-
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.10.0
-
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.11.0
-
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.13.0
-
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.13.3
-
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.9.0