CVE-2024-38278

First published: Tue Jul 09 2024(Updated: )

A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.9.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416v2 V5.X (All versions < V5.9.0), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900GNC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900NC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100NC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2288 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2288NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300P V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300PNC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2488 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2488NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG907R (All versions < V5.9.0), RUGGEDCOM RSG908C (All versions < V5.9.0), RUGGEDCOM RSG909R (All versions < V5.9.0), RUGGEDCOM RSG910C (All versions < V5.9.0), RUGGEDCOM RSG920P V5.X (All versions < V5.9.0), RUGGEDCOM RSG920PNC V5.X (All versions < V5.9.0), RUGGEDCOM RSL910 (All versions < V5.9.0), RUGGEDCOM RSL910NC (All versions < V5.9.0), RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM RST2228P (All versions < V5.9.0), RUGGEDCOM RST916C (All versions < V5.9.0), RUGGEDCOM RST916P (All versions < V5.9.0). The affected products with IP forwarding enabled wrongly make available certain remote services in non-managed VLANs, even if these services are not intentionally activated. An attacker could leverage this vulnerability to create a remote shell to the affected system.

Credit: productcert@siemens.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/references
• agent/weakness
• agent/description
• agent/first-publish-date
• agent/type
• agent/severity
• agent/author
• agent/event
• collector/nvd-api
• source/NVD
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/source
• agent/guess-ai
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• agent/softwarecombine
• agent/tags
• vendor/ruggedcom
• canonical/ruggedcom rmc8388nc
• canonical/ruggedcom rmc8388
• canonical/ruggedcom rs416nc
• canonical/siemens ruggedcom rs416pnc v2
• canonical/siemens ruggedcom rs416pv2
• canonical/siemens ruggedcom ros rs416v2
• canonical/siemens ruggedcom rs900 (32m)
• canonical/siemens ruggedcom rs900g (32m)
• canonical/siemens ruggedcom rs900gnc (32m)
• canonical/siemens ruggedcom rs900nc
• canonical/siemens ruggedcom rsg2100nc(32m)
• canonical/siemens ruggedcom rsg2288
• canonical/siemens ruggedcom rsg2288nc
• canonical/siemens ruggedcom rsg2300
• canonical/siemens ruggedcom rsg2300nc
• canonical/siemens ruggedcom rsg2300p
• canonical/siemens ruggedcom rsg2300pnc
• canonical/siemens ruggedcom rsg2488
• canonical/siemens ruggedcom rsg2488nc
• canonical/ruggedcom rsg907r
• canonical/ruggedcom rsg908c
• canonical/ruggedcom rsg909r
• canonical/siemens ruggedcom rsg910c
• canonical/siemens ruggedcom rsg920p
• canonical/siemens ruggedcom rsg920pnc
• canonical/siemens ruggedcom rsl910
• canonical/siemens ruggedcom rsl910nc
• canonical/siemens ruggedcom rst2228
• canonical/siemens ruggedcom rst2228p
• canonical/ruggedcom rst916c
• canonical/siemens ruggedcom rst916p