A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The bulk import feature of the affected systems allow a…
siemens·CWE-73·Published 2024-05-14
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The bulk import feature of the affected systems allow a privileged user to upload files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code execution.
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The bulk import feature of the affected systems allow a privileged user to upload files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code execution.
Se ha identificado una vulnerabilidad en RUGGEDCOM CROSSBOW (Todas las versiones < V5.5). La función de importación masiva de los sistemas afectados permite a un usuario privilegiado cargar archivos en el directorio de instalación raíz del sistema. Al reemplazar archivos específicos, un atacante podría alterar archivos específicos o incluso lograr la ejecución remota de código.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | cve.org | 7.2 | — | — | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
| 3.1 | Primary | NVD | 7.2 | 1.2 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 7.2 | — | — | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
| 3.1 | Secondary | NVD | 7.2 | 1.2 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |