Vulnerability Description
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). During the Dynamic DNS configuration of the affected product it is possible to inject additional configuration parameters. Under certain circumstances, an attacker could leverage this vulnerability to spawn a reverse shell and gain root access on the affected system.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Ruggedcom Rox Ii Firmware | < 2.17.0 |
| Siemens | Ruggedcom Rox Ii | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2024-56836?
CVE-2024-56836 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX15...
How severe is CVE-2024-56836?
CVE-2024-56836 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-56836?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Ruggedcom Rox Ii Firmware, Siemens Ruggedcom Rox Ii.