CVE-2020-28398
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2020-28398 is a vulnerability affecting various RUGGEDCOM ROX series devices, including MX5000, MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, and RX1536, as well as RX5000, all running versions below V2.16.0. This issue involves the Command Line Interface (CLI) in the web interface of these devices, which is susceptible to cross-site request forgery (CSRF). Attackers can exploit this vulnerability by luring authenticated users into clicking on malicious links, enabling the attacker to read or modify the device configuration without the user's knowledge.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- RUGGEDCOM ROX RX1510
- RUGGEDCOM ROX RX1511
- RUGGEDCOM ROX RX1512
- RUGGEDCOM ROX RX1524
- RUGGEDCOM ROX RX1536