CVE-2024-56835
CVE-2024-56835
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). The DHCP Server configuration file of the affected products is subject to code injection. An attacker could leverage this vulnerability to spawn a reverse shell and gain root access on the affected system.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Siemens · RUGGEDCOM ROX MX5000Siemens · RUGGEDCOM ROX MX5000RESiemens · RUGGEDCOM ROX RX1400Siemens · RUGGEDCOM ROX RX1500Siemens · RUGGEDCOM ROX RX1501Siemens · RUGGEDCOM ROX RX1510Siemens · RUGGEDCOM ROX RX1511Siemens · RUGGEDCOM ROX RX1512Siemens · RUGGEDCOM ROX RX1524Siemens · RUGGEDCOM ROX RX1536Siemens · RUGGEDCOM ROX RX5000Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →