Vulnerability Details CVE-2024-56837
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). Due to the insufficient validation during the installation and load of certain configuration files of the affected device, an attacker could spawn a reverse shell and gain root access on the affected system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.2%
CVSS Severity
CVSS v3 Score 7.2
Products affected by CVE-2024-56837
-
cpe:2.3:h:siemens:ruggedcom_rox_ii:-
-
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:-
-
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.10.0
-
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.11.0
-
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.13.0
-
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.13.3
-
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.9.0