CVE-2024-50561 — Cross-site Scripting in Siemens Ruggedcom Rm1224 LTE EU

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

5.1MEDIUMNVD

EPSS

0.3%

top 50.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Ruggedcom Rm1224 LTE EU Siemens Ruggedcom Rm1224 LTE NAM Siemens Scalance M804pb +34 more

Timeline

PublishedNov 12

Description

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages37 packages

▶CVEListV5siemens/scalance_m812-1_adsl-router< V8.2

▶CVEListV5siemens/scalance_m816-1_adsl-router< V8.2

▶CVEListV5siemens/scalance_m874-3_3g-router< V8.2

▶CVEListV5siemens/scalance_s615_lan-router< V8.2

▶CVEListV5siemens/scalance_m826-2_shdsl-router< V8.2

Patches

Patch: cert-portal.siemens.com ↗

🔴Vulnerability Details

GHSA

GHSA-fc63-6853-v5m2: A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8↗2024-11-12

▶

CVEList

CVE-2024-50561: A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8↗2024-11-12

▶