Vulnerabilidades en Bosch Rexroth AG
22 resultadosCVE-2025-27532MEDIUMA vulnerability in the “Backup & Restore” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attEPSS 2.6%CVE-2025-24351HIGHA vulnerability in the “Remote Logging” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attaEPSS 0.7%CVE-2024-48989HIGHA vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch Rexroth allows an attacker to cause a denial EPSS 0.5%CVE-2025-24349HIGHA vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) aEPSS 0.5%CVE-2023-45851HIGHThe Android Client application, when enrolled to the AppHub server,connects to an MQTT broker without enforcing any server authentication.
EPSS 0.4%CVE-2025-24343MEDIUMA vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) atEPSS 0.4%CVE-2023-46102HIGHThe Android Client application, when enrolled to the AppHub server, connects to an MQTT
broker to exchange messages and receive commands toEPSS 0.4%CVE-2025-24348MEDIUMA vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) EPSS 0.4%CVE-2025-24347MEDIUMA vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) EPSS 0.4%CVE-2025-24341MEDIUMA vulnerability in the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to induce a Denial-of-Service (DoEPSS 0.4%CVE-2025-24346HIGHA vulnerability in the “Proxy” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to maEPSS 0.4%CVE-2025-24342MEDIUMA vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernaEPSS 0.4%CVE-2025-24338HIGHA vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attEPSS 0.3%CVE-2025-48860HIGHA vulnerability in the web application of the ctrlX OS setup mechanism facilitated an authenticated (low privileged) attacker to gain remoteEPSS 0.3%CVE-2025-24350HIGHA vulnerability in the “Certificates and Keys” functionality of the web application of ctrlX OS allows a remote authenticated (low-privilegeEPSS 0.3%CVE-2025-24345MEDIUMA vulnerability in the “Hosts” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to mEPSS 0.3%CVE-2025-24344MEDIUMA vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbEPSS 0.3%CVE-2025-48861MEDIUMA vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract inEPSS 0.3%CVE-2025-24340MEDIUMA vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated (low-privileged) attacker to recover the plaintEPSS 0.2%CVE-2025-24339MEDIUMA vulnerability in the web application of ctrlX OS allows a remote unauthenticated attacker to conduct various attacks against users of the EPSS 0.2%