Tag
Siemens Ruggedcom Rox Improper Access Control Vulnerability
2 rules 1 TTP 1 CVESiemens Ruggedcom Rox is vulnerable to improper access control, allowing an authenticated remote attacker to read arbitrary files with root privileges from the underlying operating system's filesystem via the web server's JSON-RPC interface, as tracked by CVE-2025-40948.
Siemens RUGGEDCOM ROX Devices Vulnerable to Remote Code Execution via Feature Key Injection (CVE-2025-40947)
2 rules 1 TTP 1 CVECVE-2025-40947 describes a vulnerability in Siemens RUGGEDCOM ROX devices that allows authenticated remote attackers to inject arbitrary commands via a maliciously crafted feature key, resulting in remote code execution with root privileges.
CVE-2025-40949 - Siemens RUGGEDCOM ROX Web UI Command Injection
2 rules 1 TTP 1 CVEAn authenticated remote command injection vulnerability exists in the web UI scheduler functionality of multiple RUGGEDCOM ROX devices before V2.17.1, allowing arbitrary command execution with root privileges.
RUGGEDCOM CROSSBOW SAM-P Privilege Escalation Vulnerability (CVE-2026-27668)
2 rules 1 TTP 1 CVECVE-2026-27668 allows authenticated User Administrators in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) to escalate their privileges and access any device group, due to an incorrect privilege assignment in versions prior to V5.8.