CVE-2020-28398

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 10, 2024
CWE ID 352

Summary

CVE-2020-28398 is a vulnerability affecting various RUGGEDCOM ROX series devices, including MX5000, MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, and RX1536, as well as RX5000, all running versions below V2.16.0. This issue involves the Command Line Interface (CLI) in the web interface of these devices, which is susceptible to cross-site request forgery (CSRF). Attackers can exploit this vulnerability by luring authenticated users into clicking on malicious links, enabling the attacker to read or modify the device configuration without the user's knowledge.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • RUGGEDCOM ROX RX1510
  • RUGGEDCOM ROX RX1511
  • RUGGEDCOM ROX RX1512
  • RUGGEDCOM ROX RX1524
  • RUGGEDCOM ROX RX1536