Shodan
Vulnerabilities
Vulnerable Software
Siemens:  >> Ruggedcom Rox Ii Firmware  >> 2.13.3  Security Vulnerabilities
CVE-2024-56838
A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). The SCEP client available in the affected device for secure certificate enrollment lacks validation of multiple fields. An attacker could leverage this scenario to execute arbitrary code as root user.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-12-09
CVE-2024-56839
A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). Code injection can be achieved when the affected device is using VRF (Virtual Routing and Forwarding). An attacker could leverage this scenario to execute arbitrary code as root user.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-12-09
CVE-2024-56840
A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). Under certain conditions, IPsec may allow code injection in the affected device. An attacker could leverage this scenario to execute arbitrary code as root user.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-12-09
CVE-2024-56835
A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). The DHCP Server configuration file of the affected products is subject to code injection. An attacker could leverage this vulnerability to spawn a reverse shell and gain root access on the affected system.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-12-09
CVE-2024-56836
A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). During the Dynamic DNS configuration of the affected product it is possible to inject additional configuration parameters. Under certain circumstances, an attacker could leverage this vulnerability to spawn a reverse shell and gain root access on the affected system.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-12-09
CVE-2024-56837
A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). Due to the insufficient validation during the installation and load of certain configuration files of the affected device, an attacker could spawn a reverse shell and gain root access on the affected system.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-12-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved