CVE-2023-36751

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Jul 11, 2023

Updated: Jul 18, 2023

CWE ID 77

Summary

CVE-2023-36751 is a newlydiscovered vulnerability affecting multiple RUGGEDCOM device models, including ROX MX5000, ROX MX5000RE, ROX RX1400, ROX RX1500, ROX RX1501, ROX RX1510, ROX RX1511, ROX RX1512, ROX RX1524, and ROX RX1536, as well as ROX RX5000. The web interface of these devices contains a vulnerable install-app URL parameter, which lacks proper server-side input sanitation. An authenticated privileged remote attacker can exploit this command injection flaw to execute arbitrary code with root privileges.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rzTLz3
https://www.cve.org/CVERecord?id=CVE-2023-36751
https://nvd.nist.gov/vuln/detail/CVE-2023-36751

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2023-36751

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations