Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-36755

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-11 Jul, 2023 | 09:07
Updated At-19 Nov, 2024 | 16:30
Rejected At-
Credits

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The SCEP CA Certificate Name parameter in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:11 Jul, 2023 | 09:07
Updated At:19 Nov, 2024 | 16:30
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The SCEP CA Certificate Name parameter in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.

Affected Products
Vendor
Siemens AGSiemens
Product
RUGGEDCOM ROX MX5000
Default Status
unknown
Versions
Affected
  • All versions < V2.16.0
Vendor
Siemens AGSiemens
Product
RUGGEDCOM ROX MX5000RE
Default Status
unknown
Versions
Affected
  • All versions < V2.16.0
Vendor
Siemens AGSiemens
Product
RUGGEDCOM ROX RX1400
Default Status
unknown
Versions
Affected
  • All versions < V2.16.0
Vendor
Siemens AGSiemens
Product
RUGGEDCOM ROX RX1500
Default Status
unknown
Versions
Affected
  • All versions < V2.16.0
Vendor
Siemens AGSiemens
Product
RUGGEDCOM ROX RX1501
Default Status
unknown
Versions
Affected
  • All versions < V2.16.0
Vendor
Siemens AGSiemens
Product
RUGGEDCOM ROX RX1510
Default Status
unknown
Versions
Affected
  • All versions < V2.16.0
Vendor
Siemens AGSiemens
Product
RUGGEDCOM ROX RX1511
Default Status
unknown
Versions
Affected
  • All versions < V2.16.0
Vendor
Siemens AGSiemens
Product
RUGGEDCOM ROX RX1512
Default Status
unknown
Versions
Affected
  • All versions < V2.16.0
Vendor
Siemens AGSiemens
Product
RUGGEDCOM ROX RX1524
Default Status
unknown
Versions
Affected
  • All versions < V2.16.0
Vendor
Siemens AGSiemens
Product
RUGGEDCOM ROX RX1536
Default Status
unknown
Versions
Affected
  • All versions < V2.16.0
Vendor
Siemens AGSiemens
Product
RUGGEDCOM ROX RX5000
Default Status
unknown
Versions
Affected
  • All versions < V2.16.0
Problem Types
TypeCWE IDDescription
CWECWE-77CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
Type: CWE
CWE ID: CWE-77
Description: CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
Metrics
VersionBase scoreBase severityVector
3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf
N/A
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
Siemens AGsiemens
Product
ruggedcom_rox_mx5000
CPEs
  • cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 0 before V2.16.0 (custom)
Vendor
Siemens AGsiemens
Product
ruggedcom_rox_mx5000re
CPEs
  • cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 0 before V2.16.0 (custom)
Vendor
Siemens AGsiemens
Product
ruggedcom_rox_rx1400
CPEs
  • cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 0 before V2.16.0 (custom)
Vendor
Siemens AGsiemens
Product
ruggedcom_rox_rx1500
CPEs
  • cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 0 before V2.16.0 (custom)
Vendor
Siemens AGsiemens
Product
ruggedcom_rox_rx1511
CPEs
  • cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 0 before V2.16.0 (custom)
Vendor
Siemens AGsiemens
Product
ruggedcom_rox_rx1512
CPEs
  • cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 0 before V2.16.0 (custom)
Vendor
Siemens AGsiemens
Product
ruggedcom_rox_rx1524
CPEs
  • cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 0 before V2.16.0 (custom)
Vendor
Siemens AGsiemens
Product
ruggedcom_rox_rx1536
CPEs
  • cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 0 before V2.16.0 (custom)
Vendor
Siemens AGsiemens
Product
ruggedcom_rox_rx5000
CPEs
  • cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 0 before V2.16.0 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:11 Jul, 2023 | 10:15
Updated At:18 Jul, 2023 | 15:41

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The SCEP CA Certificate Name parameter in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CPE Matches
Siemens AG
siemens
>>ruggedcom_rox_mx5000_firmware>>Versions before 2.16.0(exclusive)
cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_mx5000>>-
cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_mx5000re_firmware>>Versions before 2.16.0(exclusive)
cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_mx5000re>>-
cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1400_firmware>>Versions before 2.16.0(exclusive)
cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1400>>-
cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1500_firmware>>Versions before 2.16.0(exclusive)
cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1500>>-
cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1501_firmware>>Versions before 2.16.0(exclusive)
cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1501>>-
cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1510_firmware>>Versions before 2.16.0(exclusive)
cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1510>>-
cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1511_firmware>>Versions before 2.16.0(exclusive)
cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1511>>-
cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1512_firmware>>Versions before 2.16.0(exclusive)
cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1512>>-
cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1524_firmware>>Versions before 2.16.0(exclusive)
cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1524>>-
cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1536_firmware>>Versions before 2.16.0(exclusive)
cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx1536>>-
cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx5000_firmware>>Versions before 2.16.0(exclusive)
cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>ruggedcom_rox_rx5000>>-
cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-77Primarynvd@nist.gov
CWE-77Secondaryproductcert@siemens.com
CWE ID: CWE-77
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-77
Type: Secondary
Source: productcert@siemens.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdfproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

462Records found
CVE-2025-40815
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.05% / 14.41%
||
7 Day CHG~0.00%
Published-11 Nov, 2025 | 20:20
Updated-12 Nov, 2025 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA2) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA2) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA2) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA2) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA2) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA2) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA2) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA2) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA2) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA2) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA2) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA2) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA2) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA2) (All versions). Affected devices do not properly validate the structure of TCP packets in several methods. This could allow an attacker to cause buffer overflows, get control over the instruction counter and run custom code.

Action-Not Available
Vendor-Siemens AG
Product-LOGO! 24CESIPLUS LOGO! 12/24RCESIPLUS LOGO! 12/24RCEoSIPLUS LOGO! 230RCEoLOGO! 12/24RCEoLOGO! 24RCESIPLUS LOGO! 24RCEoSIPLUS LOGO! 24RCELOGO! 230RCEoSIPLUS LOGO! 24CEoLOGO! 12/24RCELOGO! 24RCEoLOGO! 24CEoLOGO! 230RCESIPLUS LOGO! 230RCESIPLUS LOGO! 24CE
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-40746
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.56% / 68.38%
||
7 Day CHG+0.05%
Published-12 Aug, 2025 | 11:17
Updated-20 Aug, 2025 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2). Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to execute arbitrary code with 'NT Authority/SYSTEM' privileges.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rtls_locating_managerSIMATIC RTLS Locating Manager
CWE ID-CWE-20
Improper Input Validation
CVE-2024-41788
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-1.02% / 77.31%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 08:22
Updated-23 Sep, 2025 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the input parameters in specific GET requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-7kt_pac1260_data_manager7kt_pac1260_data_manager_firmwareSENTRON 7KT PAC1260 Data Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-41940
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.55% / 67.94%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 07:54
Updated-13 Aug, 2024 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly validate user input to a privileged command queue. This could allow an authenticated attacker to execute OS commands with elevated privileges.

Action-Not Available
Vendor-Siemens AG
Product-SINEC NMSsinec_nms
CWE ID-CWE-20
Improper Input Validation
CVE-2024-41903
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.35% / 57.33%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 07:54
Updated-14 Aug, 2024 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application mounts the container's root filesystem with read and write privileges. This could allow an attacker to alter the container's filesystem leading to unauthorized modifications and data corruption.

Action-Not Available
Vendor-Siemens AG
Product-sinec_traffic_analyzerSINEC Traffic Analyzersinec_traffic_analyzer
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-41789
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-1.02% / 77.31%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 08:22
Updated-23 Sep, 2025 | 16:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the language parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-7kt_pac1260_data_manager7kt_pac1260_data_manager_firmwareSENTRON 7KT PAC1260 Data Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-41790
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-1.02% / 77.31%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 08:22
Updated-23 Sep, 2025 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the region parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-7kt_pac1260_data_manager7kt_pac1260_data_manager_firmwareSENTRON 7KT PAC1260 Data Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-38878
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-12.77% / 94.03%
||
7 Day CHG+3.82%
Published-02 Aug, 2024 | 10:36
Updated-03 Nov, 2025 | 22:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). Affected devices allow authenticated users to export diagnostics data. The corresponding API endpoint is susceptible to path traversal and could allow an authenticated attacker to download arbitrary files from the file system.

Action-Not Available
Vendor-Siemens AG
Product-omnivise_t3000_application_serverOmnivise T3000 R8.2 SP4Omnivise T3000 R8.2 SP3Omnivise T3000 Application Server R9.2
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2020-24635
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-5.40% / 90.15%
||
7 Day CHG+0.95%
Published-29 Mar, 2021 | 19:05
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-scalance_w1750d_firmwareinstantscalance_w1750dAruba Instant Access Points
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-33499
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.17% / 37.84%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:03
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). The affected application assigns incorrect permissions to a user management component. This could allow a privileged attacker to escalate their privileges from the Administrators group to the Systemadministrator group.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC RTLS Locating Managersimatic_rtls_locating_manager
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-27943
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-2.61% / 85.66%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:02
Updated-06 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload generic files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code execution.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_crossbowRUGGEDCOM CROSSBOWruggedcom_crossbow
CWE ID-CWE-73
External Control of File Name or Path
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-27945
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-2.41% / 85.11%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:02
Updated-06 Feb, 2025 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The bulk import feature of the affected systems allow a privileged user to upload files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code execution.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_crossbowRUGGEDCOM CROSSBOWruggedcom_crossbow
CWE ID-CWE-73
External Control of File Name or Path
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-27944
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-2.41% / 85.11%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:02
Updated-06 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload firmware files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code execution.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_crossbowRUGGEDCOM CROSSBOWruggedcom_crossbow
CWE ID-CWE-73
External Control of File Name or Path
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-49692
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-0.14% / 33.23%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-13 Aug, 2024 | 07:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the parsing of the IPSEC configuration. This could allow malicious local administrators to issue commands on system level after a new connection is established.

Action-Not Available
Vendor-Siemens AG
Product-6gk5876-4aa10-2ba26gk5876-4aa00-2da2_firmware6gk5812-1ba00-2aa26gk5856-2ea00-3aa16gk6108-4am00-2da26gk5876-4aa00-2da26gk5876-3aa02-2ba2_firmware6gk5816-1aa00-2aa2_firmware6gk5876-3aa02-2ea2_firmware6gk5876-4aa00-2ba26gk5826-2ab00-2ab26gk5856-2ea00-3aa1_firmware6gk5876-4aa00-2ba2_firmware6gk5812-1aa00-2aa26gk6108-4am00-2da2_firmware6gk5856-2ea00-3da1_firmware6gk5874-2aa00-2aa2_firmware6gk5804-0ap00-2aa2_firmware6gk5874-3aa00-2aa26gk5812-1aa00-2aa2_firmware6gk5816-1ba00-2aa26gk5874-2aa00-2aa26gk5826-2ab00-2ab2_firmware6gk6108-4am00-2ba26gk5615-0aa00-2aa26gk5856-2ea00-3da16gk5816-1ba00-2aa2_firmware6gk5874-3aa00-2aa2_firmware6gk5853-2ea00-2da16gk5804-0ap00-2aa26gk5615-0aa01-2aa2_firmware6gk5876-3aa02-2ea26gk5876-4aa10-2ba2_firmware6gk5876-3aa02-2ba26gk6108-4am00-2ba2_firmware6gk5853-2ea00-2da1_firmware6gk5812-1ba00-2aa2_firmware6gk5615-0aa00-2aa2_firmware6gk5816-1aa00-2aa26gk5615-0aa01-2aa2SCALANCE M874-3SCALANCE M816-1 ADSL-RouterSCALANCE M876-3 (ROK)SCALANCE M812-1 ADSL-RouterSCALANCE M804PBSCALANCE MUM856-1 (EU)SCALANCE MUM853-1 (EU)SCALANCE S615 EEC LAN-RouterSCALANCE M874-2SCALANCE M876-4RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE M876-3SCALANCE M826-2 SHDSL-RouterSCALANCE MUM856-1 (RoW)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M876-4 (EU)SCALANCE M876-4 (NAM)SCALANCE S615 LAN-Router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-49691
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-0.12% / 30.77%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-13 Aug, 2024 | 07:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.0), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.0), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.0), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.0), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.0), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.0), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.0), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.0), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.0), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.0), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.0), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.0), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.0), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.0), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.0). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the handling of the DDNS configuration. This could allow malicious local administrators to issue commands on system level after a successful IP address update.

Action-Not Available
Vendor-Siemens AG
Product-6gk5876-4aa10-2ba26gk5876-4aa00-2da2_firmware6gk5812-1ba00-2aa26gk5856-2ea00-3aa16gk6108-4am00-2da26gk5876-4aa00-2da26gk5876-3aa02-2ba2_firmware6gk5816-1aa00-2aa2_firmware6gk5876-3aa02-2ea2_firmware6gk5876-4aa00-2ba26gk5826-2ab00-2ab26gk5856-2ea00-3aa1_firmware6gk5876-4aa00-2ba2_firmware6gk5812-1aa00-2aa26gk6108-4am00-2da2_firmware6gk5856-2ea00-3da1_firmware6gk5874-2aa00-2aa2_firmware6gk5804-0ap00-2aa2_firmware6gk5874-3aa00-2aa26gk5812-1aa00-2aa2_firmware6gk5816-1ba00-2aa26gk5874-2aa00-2aa26gk5826-2ab00-2ab2_firmware6gk6108-4am00-2ba26gk5615-0aa00-2aa26gk5856-2ea00-3da16gk5816-1ba00-2aa2_firmware6gk5874-3aa00-2aa2_firmware6gk5853-2ea00-2da16gk5804-0ap00-2aa26gk5615-0aa01-2aa2_firmware6gk5876-3aa02-2ea26gk5876-4aa10-2ba2_firmware6gk5876-3aa02-2ba26gk6108-4am00-2ba2_firmware6gk5853-2ea00-2da1_firmware6gk5812-1ba00-2aa2_firmware6gk5615-0aa00-2aa2_firmware6gk5816-1aa00-2aa26gk5615-0aa01-2aa2SCALANCE M874-3SCALANCE M816-1 ADSL-RouterSCALANCE M876-3 (ROK)SCALANCE M812-1 ADSL-RouterSCALANCE M804PBSCALANCE MUM856-1 (EU)SCALANCE MUM853-1 (EU)SCALANCE S615 EEC LAN-RouterSCALANCE M874-2SCALANCE M876-4RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE M876-3SCALANCE M826-2 SHDSL-RouterSCALANCE MUM856-1 (RoW)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M876-4 (EU)SCALANCE M876-4 (NAM)SCALANCE S615 LAN-Router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-44317
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.15% / 35.50%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 11:03
Updated-14 Jan, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xp216_firmwarescalance_xc224-4c_g_firmwarescalance_xr328-4c_wg_\(24xfe\,_4xge\,dc24v\)scalance_xb213-3_\(st\,_pn\)_firmwarescalance_xb213-3_\(sc\,_e\/ip\)_firmwarescalance_xb213-3_\(st\,_e\/ip\)_firmwarescalance_xr326-2c_poe_wgscalance_xb216_\(pn\)scalance_xb213-3ld_\(sc\,_pn\)scalance_xp216eec_firmwarescalance_xb205-3_\(st\,_pn\)scalance_xr324wg_\(24_x_fe\,_ac_230v\)_firmwarescalance_xb205-3_\(sc\,_pn\)_firmwarescalance_xc216-4c_g_\(eip_def.\)scalance_xc206-2sfp_eecscalance_xc224-4c_g_eecscalance_xp208eecscalance_xb213-3ld_\(sc\,_e\/ip\)scalance_xc208g_\(eip_def.\)scalance_xc208g_poe_\(54_v_dc\)_firmwarescalance_xb208_\(e\/ip\)scalance_xc206-2sfp_g_firmwarescalance_xc216eec_firmwarescalance_xb208_\(pn\)_firmwarescalance_xc224_firmwarescalance_xp216_\(ethernet\/ip\)_firmwarescalance_xr326-2c_poe_wg_\(without_ul\)_firmwarescalance_xc206-2sfp_gscalance_xc208eec_firmwarescalance_xp216siplus_net_scalance_xc208scalance_xb205-3_\(st\,_e\/ip\)scalance_xb205-3_\(st\,_pn\)_firmwarescalance_xb205-3ld_\(sc\,_e\/ip\)_firmwarescalance_xr324wg_\(24_x_fe\,_dc_24v\)_firmwarescalance_xr328-4c_wg_\(28xge\,_ac_230v\)scalance_xc208g_poe_firmwarescalance_xf204_dna_firmwarescalance_xr328-4c_wg_\(28xge\,_dc_24v\)scalance_xp216poe_eec_firmwarescalance_xc206-2sfp_g_\(eip_def.\)scalance_xc216-4c_gscalance_xc206-2g_poe_\(54_v_dc\)_firmwarescalance_xc206-2g_poescalance_xc216-4c_firmwarescalance_xc216-4c_g_firmwarescalance_xp208poe_eecscalance_xc208g_poe_\(54_v_dc\)scalance_xb213-3_\(sc\,_pn\)siplus_net_scalance_xc206-2sfpscalance_xb205-3_\(st\,_e\/ip\)_firmwarescalance_xb216_\(e\/ip\)scalance_xc216-3g_poe_firmwarescalance_xr328-4c_wg_\(28xge\,_dc_24v\)_firmwarescalance_xc208g_\(eip_def.\)_firmwarescalance_xf204-2ba_dna_firmwarescalance_xc224-4c_g_eec_firmwarescalance_xb205-3ld_\(sc\,_e\/ip\)scalance_xb213-3_\(sc\,_e\/ip\)scalance_xb213-3_\(sc\,_pn\)_firmwarescalance_xb213-3_\(st\,_e\/ip\)scalance_xf204siplus_net_scalance_xc206-2_firmwarescalance_xc206-2sfp_g_eecscalance_xc206-2sfp_g_\(eip_def.\)_firmwarescalance_xc208eecscalance_xc206-2_\(sc\)_firmwarescalance_xr328-4c_wg_\(24xfe\,4xge\,ac230v\)siplus_net_scalance_xc216-4cscalance_xc208_firmwarescalance_xb213-3ld_\(sc\,_pn\)_firmwarescalance_xr328-4c_wg_\(24xfe\,_4xge\,_24v\)scalance_xc224scalance_xc224-4c_gscalance_xb216_\(e\/ip\)_firmwarescalance_xc216-4c_g_eecscalance_xr328-4c_wg_\(24xfe\,4xge\,ac230v\)_firmwarescalance_xc206-2sfp_g_eec_firmwaresiplus_net_scalance_xc206-2scalance_xc216-3g_poe_\(54_v_dc\)scalance_xp216poe_eecscalance_xc206-2g_poe_eec_\(54_v_dc\)scalance_xc206-2sfp_firmwarescalance_xc206-2_\(st\/bfoc\)scalance_xr328-4c_wg_\(24xfe\,_4xge\,_24v\)_firmwarescalance_xp208poe_eec_firmwarescalance_xb205-3ld_\(sc\,_pn\)scalance_xr328-4c_wg_\(28xge\,_ac_230v\)_firmwarescalance_xr326-2c_poe_wg_firmwaresiplus_net_scalance_xc206-2sfp_firmwarescalance_xc216-4csiplus_net_scalance_xc208_firmwarescalance_xf204-2ba_firmwarescalance_xr324wg_\(24_x_fe\,_ac_230v\)scalance_xb205-3ld_\(sc\,_pn\)_firmwarescalance_xc208g_eec_firmwarescalance_xc206-2sfpscalance_xc206-2g_poe_firmwarescalance_xb208_\(pn\)scalance_xr326-2c_poe_wg_\(without_ul\)scalance_xc208g_poescalance_xp216_\(ethernet\/ip\)siplus_net_scalance_xc216-4c_firmwarescalance_xc224-4c_g_\(eip_def.\)scalance_xc206-2_\(sc\)scalance_xr324wg_\(24_x_fe\,_dc_24v\)scalance_xp208_firmwarescalance_xc216-4c_g_eec_firmwarescalance_xc216scalance_xb205-3_\(sc\,_pn\)scalance_xp208scalance_xf204-2bascalance_xc206-2_\(st\/bfoc\)_firmwarescalance_xb213-3_\(st\,_pn\)scalance_xc206-2sfp_eec_firmwarescalance_xb208_\(e\/ip\)_firmwarescalance_xc224-4c_g_\(eip_def.\)_firmwarescalance_xp208eec_firmwarescalance_xp216eecscalance_xc208g_eecscalance_xf204_dnascalance_xr328-4c_wg_\(24xfe\,_4xge\,dc24v\)_firmwarescalance_xc206-2g_poe_\(54_v_dc\)scalance_xc216-4c_g_\(eip_def.\)_firmwarescalance_xb216_\(pn\)_firmwarescalance_xc216_firmwarescalance_xc208gscalance_xc216-3g_poe_\(54_v_dc\)_firmwarescalance_xf204-2ba_dnascalance_xb213-3ld_\(sc\,_e\/ip\)_firmwarescalance_xc208g_firmwarescalance_xc206-2g_poe_eec_\(54_v_dc\)_firmwarescalance_xp208_\(ethernet\/ip\)scalance_xf204_firmwarescalance_xc216-3g_poescalance_xc216eecscalance_xp208_\(ethernet\/ip\)_firmwarescalance_xc208SCALANCE S615 LAN-RouterSCALANCE WAM766-1 (ME)SCALANCE WAM766-1SCALANCE M876-3SCALANCE WUB762-1 iFeaturesSCALANCE WUM766-1SCALANCE M812-1 ADSL-RouterSCALANCE WUM766-1 (ME)SCALANCE M816-1 ADSL-RouterSCALANCE M876-4 (EU)SCALANCE WUB762-1RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE M874-2SCALANCE WAM763-1SCALANCE M804PBSCALANCE WAM766-1 EEC (ME)SCALANCE WAM766-1 EECSCALANCE WUM763-1 (US)SCALANCE WAM766-1 EEC (US)SCALANCE WUM763-1SCALANCE WUM766-1 (USA)SCALANCE WAM763-1 (US)SCALANCE MUM853-1 (EU)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M826-2 SHDSL-RouterSCALANCE MUM856-1 (RoW)SCALANCE M876-4SCALANCE WAB762-1SCALANCE M876-3 (ROK)SCALANCE WAM763-1 (ME)SCALANCE MUM856-1 (EU)SCALANCE WAM766-1 (US)SCALANCE M874-3SCALANCE S615 EEC LAN-RouterSCALANCE M876-4 (NAM)
CWE ID-CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CVE-2023-44373
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.61% / 69.93%
||
7 Day CHG+0.11%
Published-14 Nov, 2023 | 11:04
Updated-14 Apr, 2026 | 09:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323.

Action-Not Available
Vendor-Siemens AG
Product-6gk5213-3bd00-2tb26gk5213-3bb00-2ab2_firmware6gk5208-0ua00-5es66gk5328-4fs00-3rr3_firmware6gk5204-2aa00-2yf26gk5205-3bb00-2tb2_firmware6gk5205-3bb00-2ab26gk5213-3bd00-2tb2_firmware6gk5208-0ga00-2tc26gk5328-4fs00-2rr3_firmware6ag1206-2bs00-7ac2_firmware6gk5206-2gs00-2ac26gk5204-2aa00-2yf2_firmware6gk5328-4ss00-3ar3_firmware6gk5206-2gs00-2tc26gk5216-0ha00-2as6_firmware6gk5324-0ba00-3ar36gk5328-4fs00-3ar36gk5208-0ha00-2es66gk5216-0ha00-2as66gk5216-0ha00-2ts6_firmware6gk5206-2bb00-2ac26gk5216-0ba00-2fc2_firmware6gk5328-4ss00-3ar36gk5205-3bf00-2tb2_firmware6gk5224-4gs00-2fc2_firmware6gk5216-0ba00-2tb26gk5324-0ba00-3ar3_firmware6gk5204-0ba00-2gf2_firmware6gk5216-0ha00-2ts66gk5216-3rs00-2ac26gk5208-0ba00-2ac2_firmware6gk5224-0ba00-2ac2_firmware6gk5328-4ss00-2ar36gk5328-4fs00-2ar36gk5216-3rs00-5ac2_firmware6gk5205-3bf00-2ab26gk5213-3bf00-2tb2_firmware6gk5205-3bb00-2tb26gk5206-2rs00-5fc2_firmware6gk5208-0ga00-2fc2_firmware6gk5328-4fs00-3ar3_firmware6gk5216-4gs00-2fc26gk5213-3bb00-2tb2_firmware6gk5216-0ba00-2ab2_firmware6gk5216-0ba00-2fc26gk5205-3bd00-2tb2_firmware6gk5206-2gs00-2fc26gk5206-2rs00-2ac26gk5205-3bf00-2ab2_firmware6gk5213-3bf00-2tb26gk5328-4ss00-2ar3_firmware6ag1208-0ba00-7ac26gk5328-4fs00-3rr36gk5208-0ba00-2fc26gk5205-3bd00-2ab26gk5206-2gs00-2fc2_firmware6gk5206-2gs00-2tc2_firmware6gk5324-0ba00-2ar3_firmware6ag1206-2bb00-7ac2_firmware6gk5204-0ba00-2yf26gk5326-2qs00-3rr3_firmware6gk5205-3bf00-2tb26gk5208-0ha00-2as66gk5208-0ha00-2ts66gk5204-0ba00-2yf2_firmware6gk5224-4gs00-2fc26gk5208-0ha00-2ts6_firmware6gk5208-0ra00-2ac2_firmware6gk5213-3bf00-2ab2_firmware6gk5216-0ha00-2es66gk5206-2rs00-2ac2_firmware6gk5326-2qs00-3ar3_firmware6gk5208-0ua00-5es6_firmware6gk5213-3bf00-2ab26ag1206-2bs00-7ac26gk5206-2rs00-5fc26gk5224-4gs00-2ac2_firmware6gk5206-2bb00-2ac2_firmware6gk5208-0ba00-2ab2_firmware6gk5324-0ba00-2ar36gk5206-2bs00-2ac2_firmware6gk5216-0ba00-2ab26gk5206-2rs00-5ac2_firmware6gk5213-3bb00-2tb26gk5208-0ba00-2fc2_firmware6gk5216-0ua00-5es6_firmware6gk5213-3bb00-2ab26gk5326-2qs00-3rr36gk5224-4gs00-2ac26gk5204-2aa00-2gf2_firmware6gk5205-3bd00-2tb26gk5216-0ua00-5es66gk5224-4gs00-2tc26gk5208-0ga00-2ac26gk5216-4gs00-2tc2_firmware6gk5208-0ba00-2ab26gk5216-4bs00-2ac26gk5204-2aa00-2gf26gk5328-4fs00-2rr36gk5213-3bd00-2ab2_firmware6gk5213-3bd00-2ab26gk5206-2bs00-2fc2_firmware6gk5216-3rs00-2ac2_firmware6gk5206-2gs00-2ac2_firmware6gk5216-4gs00-2tc26gk5216-0ha00-2es6_firmware6gk5205-3bb00-2ab2_firmware6gk5208-0ra00-2ac26gk5206-2bd00-2ac2_firmware6gk5208-0ha00-2as6_firmware6gk5208-0ga00-2fc26gk5206-2rs00-5ac26ag1208-0ba00-7ac2_firmware6gk5216-0ba00-2tb2_firmware6gk5216-3rs00-5ac26gk5208-0ba00-2tb26gk5208-0ga00-2tc2_firmware6ag1206-2bb00-7ac26gk5208-0ba00-2ac26gk5216-4bs00-2ac2_firmware6gk5208-0ga00-2ac2_firmware6gk5208-0ra00-5ac26gk5206-2bs00-2ac26gk5328-4fs00-2ar3_firmware6gk5206-2bd00-2ac26gk5216-0ba00-2ac26gk5204-0ba00-2gf26gk5216-0ba00-2ac2_firmware6gk5208-0ha00-2es6_firmware6gk5326-2qs00-3ar36ag1216-4bs00-7ac26gk5216-4gs00-2ac2_firmware6gk5216-4gs00-2ac26gk5224-0ba00-2ac26gk5205-3bd00-2ab2_firmware6ag1216-4bs00-7ac2_firmware6gk5206-2bs00-2fc26gk5208-0ba00-2tb2_firmware6gk5216-4gs00-2fc2_firmware6gk5208-0ra00-5ac2_firmware6gk5224-4gs00-2tc2_firmwareSCALANCE M876-4 (NAM)SCALANCE M876-4 (EU)SCALANCE S615 EEC LAN-RouterSCALANCE W786-2 SFPSCALANCE W788-1 RJ45SCALANCE WAM763-1SCALANCE W734-1 RJ45 (USA)SCALANCE M816-1 ADSL-RouterSCALANCE W738-1 M12SCALANCE WAM763-1 (US)SCALANCE W774-1 RJ45SCALANCE W786-2 RJ45SCALANCE WUB762-1RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M812-1 ADSL-RouterSCALANCE WAM766-1 (ME)SCALANCE WUM763-1 (US)SCALANCE WUB762-1 iFeaturesSCALANCE WUM766-1SCALANCE W788-2 M12SCALANCE WAM766-1 (US)SCALANCE WAM766-1 EEC (US)SCALANCE M804PBSCALANCE W778-1 M12 EEC (USA)SCALANCE W721-1 RJ45SCALANCE W786-2IA RJ45SCALANCE W788-1 M12SCALANCE M876-3SCALANCE W761-1 RJ45SCALANCE M876-4SCALANCE W748-1 RJ45SCALANCE W788-2 RJ45SCALANCE M826-2 SHDSL-RouterSCALANCE MUM856-1 (EU)SCALANCE W788-2 M12 EECSCALANCE M876-3 (ROK)SCALANCE MUM853-1 (EU)SCALANCE WAM766-1 EEC (ME)SCALANCE M874-2SCALANCE WUM763-1SCALANCE W734-1 RJ45SCALANCE W748-1 M12SCALANCE MUM856-1 (RoW)SCALANCE W786-1 RJ45SCALANCE S615 LAN-RouterSCALANCE W774-1 M12 EECSCALANCE WUM766-1 (ME)SCALANCE W774-1 RJ45 (USA)SCALANCE W778-1 M12SCALANCE WAM766-1 EECSCALANCE WUM766-1 (USA)SCALANCE WAB762-1RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE W778-1 M12 EECSCALANCE WAM766-1SCALANCE WAM763-1 (ME)SCALANCE M874-3SCALANCE W722-1 RJ45
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2023-42797
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.6||MEDIUM
EPSS-0.22% / 45.23%
||
7 Day CHG-0.07%
Published-09 Jan, 2024 | 09:59
Updated-03 Jun, 2025 | 14:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.20), CP-8050 MASTER MODULE (All versions < CPCI85 V05.20). The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being used in succeeding validation steps. By uploading specially crafted network configuration, an authenticated remote attacker could be able to inject commands that are executed on the device with root privileges during device startup.

Action-Not Available
Vendor-Siemens AG
Product-sicam_a8000_cp-8031sicam_a8000_cp-8050sicam_a8000_cp-8031_firmwaresicam_a8000_cp-8050_firmwareCP-8050 MASTER MODULECP-8031 MASTER MODULE
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2025-27395
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.19% / 40.69%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the scope of files accessible through and the privileges of the SFTP functionality. This could allow an authenticated highly-privileged remote attacker to read and write arbitrary files.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2018-7082
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-2.40% / 85.09%
||
7 Day CHG+0.47%
Published-10 May, 2019 | 16:49
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-aruba_instantscalance_w1750d_firmwarescalance_w1750dAruba Instant (IAP)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-41547
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-0.82% / 74.47%
||
7 Day CHG~0.00%
Published-14 Dec, 2021 | 12:06
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11), Teamcenter Active Workspace V5.0 (All versions < V5.0.10), Teamcenter Active Workspace V5.1 (All versions < V5.1.6), Teamcenter Active Workspace V5.2 (All versions < V5.2.3). The application contains an unsafe unzipping pattern that could lead to a zip path traversal attack. This could allow and attacker to execute a remote shell with admin rights.

Action-Not Available
Vendor-Siemens AG
Product-teamcenter_active_workspaceTeamcenter Active Workspace V4.3Teamcenter Active Workspace V5.0Teamcenter Active Workspace V5.2Teamcenter Active Workspace V5.1
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-44165
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-2.26% / 84.62%
||
7 Day CHG~0.00%
Published-14 Dec, 2021 | 12:06
Updated-04 Aug, 2024 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa01-2aa17kg9501-0aa01-2aa1_firmware7kg9501-0aa31-0aa1_firmware7kg9501-0aa01-0aa17kg9501-0aa31-0aa17kg9501-0aa31-2aa17kg9501-0aa01-0aa1_firmware7kg9501-0aa31-2aa1_firmwarePOWER METER SICAM Q100
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-37727
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-3.40% / 87.44%
||
7 Day CHG+0.70%
Published-12 Oct, 2021 | 14:08
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-aruba_instantscalance_w1750d_firmwarescalance_w1750dHPE Aruba Instant (IAP)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-33728
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-1.99% / 83.66%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 09:49
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). The affected system allows to upload JSON objects that are deserialized to JAVA objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacker could exploit this vulnerability by sending a crafted serialized Java object. An exploit could allow the attacker to execute arbitrary code on the device with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-45094
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.4||HIGH
EPSS-2.74% / 86.01%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 11:39
Updated-09 Apr, 2025 | 14:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially inject commands into the dhcpd configuration of the affected product. An attacker might leverage this to trigger remote code execution on the affected component.

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-34660
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.8||MEDIUM
EPSS-0.86% / 75.02%
||
7 Day CHG~0.00%
Published-10 Aug, 2022 | 11:18
Updated-08 Sep, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter consist of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution.

Action-Not Available
Vendor-Siemens AG
Product-teamcenterTeamcenter V13.0Teamcenter V13.1Teamcenter V13.3Teamcenter V14.0Teamcenter V12.4Teamcenter V13.2
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-34820
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.4||HIGH
EPSS-0.58% / 68.91%
||
7 Day CHG-0.00%
Published-12 Jul, 2022 | 10:07
Updated-21 Apr, 2025 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges.

Action-Not Available
Vendor-Siemens AG
Product-siplus_s7-1200_cp_1243-1_railsimatic_cp_1543sp-1siplus_et_200sp_cp_1542sp-1_irc_tx_railsimatic_cp_1243-8_irc_firmwaresiplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmwaresiplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmwaresimatic_cp_1243-1_firmwaresimatic_cp_1243-7_lte_eu_firmwaresimatic_cp_1243-7_lte_eusiplus_s7-1200_cp_1243-1simatic_cp_1542sp-1_ircsimatic_cp_1243-1siplus_et_200sp_cp_1543sp-1_isecsimatic_cp_1543-1simatic_cp_1243-7_lte_us_firmwaresimatic_cp_1242-7_v2simatic_cp_1542sp-1_irc_firmwaresimatic_cp_1543-1_firmwaresimatic_cp_1543sp-1_firmwaresiplus_net_cp_1543-1_firmwaresiplus_s7-1200_cp_1243-1_rail_firmwaresimatic_cp_1242-7_v2_firmwaresimatic_cp_1243-8_ircsiplus_et_200sp_cp_1543sp-1_isec_tx_railsiplus_s7-1200_cp_1243-1_firmwaresiplus_et_200sp_cp_1543sp-1_isec_firmwaresiplus_net_cp_1543-1siplus_net_cp_1242-7_v2_firmwaresiplus_net_cp_1242-7_v2simatic_cp_1243-7_lte_usSIPLUS ET 200SP CP 1543SP-1 ISECSIMATIC CP 1542SP-1 IRCSIMATIC CP 1243-1SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAILSIPLUS S7-1200 CP 1243-1 RAILSIPLUS ET 200SP CP 1542SP-1 IRC TX RAILSIPLUS NET CP 1242-7 V2SIMATIC CP 1243-7 LTE EUSIMATIC CP 1243-8 IRCSIPLUS NET CP 1543-1SIMATIC CP 1543-1SIMATIC CP 1242-7 V2SIPLUS S7-1200 CP 1243-1SIMATIC CP 1543SP-1SIMATIC CP 1243-7 LTE US
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CVE-2022-32262
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-2.15% / 84.27%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:22
Updated-21 Apr, 2025 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_serverSINEMA Remote Connect Server
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2018-16417
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.34% / 87.31%
||
7 Day CHG~0.00%
Published-30 Oct, 2019 | 16:26
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, 8.3.x prior to 8.3.0.6, and 8.4.x prior to 8.4.0.1 allows Command injection.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-w1750d_firmwareinstantw1750dn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-56836
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.7||HIGH
EPSS-0.03% / 8.82%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 10:44
Updated-13 Jan, 2026 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). During the Dynamic DNS configuration of the affected product it is possible to inject additional configuration parameters. Under certain circumstances, an attacker could leverage this vulnerability to spawn a reverse shell and gain root access on the affected system.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rox_ii_firmwareruggedcom_rox_iiRUGGEDCOM ROX RX1501RUGGEDCOM ROX RX5000RUGGEDCOM ROX RX1536RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1500RUGGEDCOM ROX MX5000RE
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-47562
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-0.11% / 29.62%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 08:40
Updated-10 Mar, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly neutralize special elements in user input to the ```ssmctl-client``` command. This could allow an authenticated, lowly privileged local attacker to execute privileged commands in the underlying OS.

Action-Not Available
Vendor-Siemens AG
Product-sinec_security_monitorSINEC Security Monitorsinec_security_monitor
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-40937
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.14% / 34.64%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 10:44
Updated-10 Dec, 2025 | 21:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected application do not properly validate input parameters in its REST API, resulting in improper handling of unexpected arguments. This could allow an authenticated attacker to execute arbitrary code with limited privileges.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cn_4100_firmwaresimatic_cn_4100SIMATIC CN 4100
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-39567
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.43% / 62.28%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:05
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server side input sanitation when loading VPN configurations. This could allow an authenticated local attacker to execute arbitrary code with system privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_clientSINEMA Remote Connect Clientsinema_remote_connect_client
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-39571
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-1.55% / 81.44%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:05
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when loading SNMP configurations. This could allow an attacker with the right to modify the SNMP configuration to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_serverSINEMA Remote Connect Serversinema_remote_connect_server
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-39570
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-2.03% / 83.82%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:05
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when loading VxLAN configurations. This could allow an authenticated attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_serverSINEMA Remote Connect Serversinema_remote_connect_server
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-39568
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.33% / 56.05%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:05
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server side input sanitation when loading proxy configurations. This could allow an authenticated local attacker to execute arbitrary code with system privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_clientSINEMA Remote Connect Clientsinema_remote_connect_client
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2019-6579
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-1.33% / 79.94%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 13:40
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal). An attacker with network access to the web server on port 80/TCP or 443/TCP could execute system commands with administrative privileges. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected service. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises confidentiality, integrity or availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-spectrum_power_4Spectrum Power™ 4
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-28489
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-2.22% / 84.52%
||
7 Day CHG-0.68%
Published-11 Apr, 2023 | 09:03
Updated-13 Feb, 2025 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter “Remote Operation” is enabled. The parameter is disabled by default. The vulnerability could allow an unauthenticated remote attacker to perform arbitrary code execution on the device.

Action-Not Available
Vendor-Siemens AG
Product-cp-8050_firmwarecp-8031cp-8031_firmwarecp-8050CP-8031 MASTER MODULECP-8050 MASTER MODULE
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-27407
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-1.03% / 77.36%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 11:51
Updated-28 Jan, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based management of affected device does not properly validate user input, making it susceptible to command injection. This could allow an authenticated remote attacker to access the underlying operating system as the root user.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403_firmwarescalance_lpe9403SCALANCE LPE9403
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-38120
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
CVSS Score-5.1||MEDIUM
EPSS-0.11% / 28.98%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 06:28
Updated-13 Sep, 2024 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Code Execution using Bash command Injection in backup scheduling functionality in NetIQ Advance Authentication

A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1.

Action-Not Available
Vendor-Micro Focus International LimitedOpen Text Corporation
Product-netiq_advanced_authenticationNetIQ Advance Authentication
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2019-18647
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.38% / 80.29%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 14:16
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Untangle NG firewall 14.2.0 is vulnerable to an authenticated command injection when logged in as an admin user.

Action-Not Available
Vendor-untanglen/a
Product-ng_firewalln/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-1378
Matching Score-4
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-4
Assigner-GitHub, Inc. (Products Only)
CVSS Score-9.1||CRITICAL
EPSS-1.13% / 78.38%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 18:54
Updated-16 Aug, 2024 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring SMTP options. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program https://bounty.github.com .

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverEnterprise Serverenterprise_server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-29887
Matching Score-4
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-4
Assigner-QNAP Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.10% / 28.33%
||
7 Day CHG~0.00%
Published-29 Aug, 2025 | 17:14
Updated-24 Sep, 2025 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QuRouter 2.5

A command injection vulnerability has been reported to affect QuRouter 2.5.1. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.5.1.060 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qurouterQuRouter
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-29516
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.59% / 69.20%
||
7 Day CHG~0.00%
Published-25 Aug, 2025 | 00:00
Updated-02 Sep, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the backup function.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dsl-7740cdsl-7740c_firmwaren/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-4934
Matching Score-4
Assigner-Sophos Limited
ShareView Details
Matching Score-4
Assigner-Sophos Limited
CVSS Score-7.2||HIGH
EPSS-0.23% / 45.88%
||
7 Day CHG+0.03%
Published-04 Apr, 2023 | 00:00
Updated-11 Feb, 2025 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code.

Action-Not Available
Vendor-Sophos Ltd.
Product-web_applianceSophos Web Appliance
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2019-12629
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.74% / 73.06%
||
7 Day CHG~0.00%
Published-26 Jan, 2020 | 04:25
Updated-15 Nov, 2024 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN vManage Command Injection Vulnerability

A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in the affected solution. An attacker could exploit this vulnerability by configuring a malicious username on the login page of the affected solution. A successful exploit could allow the attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_100mvedge-5000vedge-100bvedge-2000sd-wan_firmwarevedge-100vedge-1000vedge_100wmCisco SD-WAN Solution
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-27083
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-0.57% / 68.62%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 16:26
Updated-12 Nov, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated Command Injection Vulnerabilities in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface

Authenticated command injection vulnerabilities exist in the AOS-10 GW and AOS-8 Controller/Mobility Conductor web-based management interface. Successful exploitation of these vulnerabilities allows an Authenticated attacker to execute arbitrary commands as a privileged user on the underlying operating system.

Action-Not Available
Vendor-Hewlett Packard Enterprise (HPE)Aruba Networks
Product-arubaosHPE Aruba Networking AOS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-5338
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.37% / 58.91%
||
7 Day CHG~0.00%
Published-02 Apr, 2026 | 14:00
Updated-07 Apr, 2026 | 15:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda G103 Setting system.lua action_set_system_settings command injection

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function action_set_system_settings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-g103g103_firmwareG103
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-4616
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.2||HIGH
EPSS-33.95% / 96.98%
||
7 Day CHG~0.00%
Published-12 Jan, 2023 | 23:54
Updated-07 Nov, 2023 | 03:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to command injection through the network diagnosis page. This vulnerability could allow a remote unauthenticated user to add files, delete files, and change file permissions.

Action-Not Available
Vendor-Delta Electronics, Inc.
Product-dx-3021l9_firmwaredx-3021l94G Router DX-3021
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-45796
Matching Score-4
Assigner-ZUSO Advanced Research Team (ZUSO ART)
ShareView Details
Matching Score-4
Assigner-ZUSO Advanced Research Team (ZUSO ART)
CVSS Score-9.1||CRITICAL
EPSS-1.98% / 83.62%
||
7 Day CHG+0.12%
Published-16 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SHARP Multifunction Printer - Command Injection

Command injection vulnerability in nw_interface.html in SHARP multifunction printers (MFPs)'s Digital Full-color Multifunctional System 202 or earlier, 120 or earlier, 600 or earlier, 121 or earlier, 500 or earlier, 402 or earlier, 790 or earlier, and Digital Multifunctional System (Monochrome) 200 or earlier, 211 or earlier, 102 or earlier, 453 or earlier, 400 or earlier, 202 or earlier, 602 or earlier, 500 or earlier, 401 or earlier allows remote attackers to execute arbitrary commands via unspecified vectors.

Action-Not Available
Vendor-sharpSHARP
Product-mx-m6050mx-m6070_amx-3570n_firmwaremx-c303_firmwaremx-m6071_firmwarebp-60c36_firmwarebp-70m31bp-70m90_firmwaremx-3070v_amx-4070n_a_firmwaremx-m3571_firmwaremx-m3571mx-3050nmx-2651_firmwaremx-m2651mx-5070v_firmwarebp-60c36mx-b455wt_firmwaremx-3070vmx-4060n_firmwaremx-b355wz_firmwaremx-3050v_a_firmwarebp-50c26_firmwaremx-4060v_firmwaremx-3570vmx-c304w_firmwaremx-m5051mx-m3050mx-6050n_firmwaremx-3050v_amx-b376w_firmwaremx-5070n_firmwaremx-c303wh_firmwaremx-m5070bp-70c55_firmwaremx-b376whmx-4071s_firmwaremx-3550v_firmwaremx-b456whmx-m3071_firmwarebp-50c45_firmwaremx-4061_firmwaremx-3061smx-3070n_firmwaremx-3571s_firmwaremx-3560v_firmwarebp-50c26mx-3061_firmwarebp-30c25mx-b455w_firmwaremx-3571mx-7580n_firmwaremx-m1206bp-30c25z_firmwaremx-3550n_firmwaremx-7090nbp-30c25ymx-m4051mx-c303bp-50c55mx-4070n_firmwaremx-m4070_amx-b476wh_firmwaremx-m6070_firmwarebp-30m28t_firmwaremx-m3570mx-m4070bp-55c26_firmwaremx-5050n_firmwaremx-5070vmx-m5051_firmwaremx-m1206_firmwaremx-6071s_firmwaremx-5051mx-m3070_firmwaremx-4061s_firmwaremx-3051mx-b456wh_firmwaremx-b456wmx-3070v_firmwaremx-b355wt_firmwaremx-m3070mx-m4071_firmwaremx-3060v_firmwaremx-6071mx-3571sbp-30m35t_firmwaremx-m4071s_firmwaremx-m3551mx-m4051_firmwaremx-m6071s_firmwarebp-70c55mx-m5071mx-4050nbp-70c31mx-3561smx-m3050_firmwaremx-m4070_firmwaremx-3061s_firmwaremx-b356whmx-3070nmx-6050v_firmwaremx-4070v_firmwaremx-4070v_abp-70m75_firmwarebp-70m65mx-c304mx-4071smx-b356wh_firmwaremx-c303w_firmwaremx-6580nmx-c304wh_firmwarebp-50c65_firmwaremx-3551mx-3050v_firmwaremx-m7570mx-3060nbp-70c36mx-b376wmx-3050n_firmwaremx-7081_firmwaremx-m6050_firmwarebp-70m36_firmwarebp-50c55_firmwaremx-m905_firmwaremx-m4050_firmwaremx-m4071bp-50c45mx-m7570_firmwarebp-30m31tmx-3070v_a_firmwaremx-m1056mx-m3551_firmwaremx-m3051_firmwaremx-m3571smx-2630n_firmwaremx-8081mx-c303whmx-b355w_firmwarebp-70m31_firmwaremx-2630nmx-m6071bp-50m31mx-6070n_firmwarebp-30c25y_firmwaremx-3050n_abp-30c25tbp-70c65bp-70m55bp-30m28_firmwaremx-3570nmx-5050vbp-60c31_firmwarebp-70c36_firmwaremx-5071smx-4051mx-b455wtmx-m3050_a_firmwaremx-3060vmx-3061mx-m3071mx-m3550_firmwaremx-4060vbp-55c26mx-3071smx-3560n_firmwaremx-b455wzbp-50c36mx-m6070mx-m3571s_firmwaremx-3070n_abp-50c31_firmwaremx-5070nmx-m3071smx-8090nmx-m1056_firmwarebp-30m31_firmwaremx-c304_firmwarebp-50m36_firmwaremx-3551_firmwaremx-b476w_firmwaremx-6071_firmwaremx-b355wzbp-70m90mx-7580nmx-m6051_firmwaremx-4061mx-5071bp-50m45_firmwaremx-m2651_firmwarebp-50m55_firmwaremx-6070v_abp-30c25t_firmwaremx-c304whmx-3560nmx-m6070_a_firmwaremx-6050vbp-50m31_firmwaremx-b376wh_firmwarebp-70m45_firmwaremx-m5050_firmwaremx-6050nmx-4050vmx-m2630_a_firmwaremx-3050vmx-m905mx-m3570_firmwarebp-50c31mx-3561mx-4070n_amx-3571_firmwarebp-70c31_firmwaremx-5051_firmwaremx-4070vmx-b455wmx-c304wbp-50m26mx-5071s_firmwarebp-50m26_firmwarebp-50m45mx-3570v_firmwaremx-m4070_a_firmwaremx-m2630_abp-30c25zmx-m3070_a_firmwaremx-3051_firmwaremx-6051mx-m4071smx-6070n_amx-m3051mx-m4050mx-m5071s_firmwaremx-m2630_firmwaremx-m3070_amx-3071mx-m6051bp-50m55mx-c303wbp-70c65_firmwarebp-60c45bp-70m45bp-70m75mx-6070v_a_firmwarebp-30m35_firmwaremx-b476whmx-3071s_firmwaremx-6051_firmwaremx-m3550mx-4050n_firmwaremx-4061smx-4060nbp-50c36_firmwaremx-b456w_firmwaremx-3561s_firmwarebp-70c45bp-30m28mx-6071smx-4051_firmwarebp-60c31mx-4070v_a_firmwaremx-7090n_firmwarebp-50c65bp-50m50_firmwaremx-b356wmx-4071mx-b355wmx-7081mx-3561_firmwaremx-b476wmx-5050nmx-3560vbp-70m55_firmwaremx-b455wz_firmwaremx-m5071_firmwaremx-3550nmx-3070n_a_firmwaremx-2651mx-m2630mx-6070n_a_firmwarebp-70c45_firmwaremx-6070v_firmwaremx-4071_firmwarebp-30m35tbp-30c25_firmwaremx-4070nmx-m5050bp-70m65_firmwarebp-60c45_firmwaremx-3550vmx-m3050_amx-m6570_firmwarebp-30m35mx-b356w_firmwaremx-8081_firmwarebp-70m36mx-3071_firmwaremx-5050v_firmwarebp-30m31t_firmwaremx-6070vmx-6580n_firmwaremx-m6570mx-3050n_a_firmwaremx-m5070_firmwarebp-30m28tmx-3060n_firmwaremx-8090n_firmwaremx-m5071sbp-50m50mx-m3071s_firmwaremx-m6071smx-6070nmx-4050v_firmwarebp-50m36bp-30m31mx-b355wtmx-5071_firmwareSHARP multifunction printers
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 9
  • 10
  • Next
Details not found