Boschrexroth Ctrlx Hmi Web Panel Wr2107 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Boschrexroth Ctrlx Hmi Web Panel Wr2107 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2023-46102 — CVSS 8.8 (high): The Android Client application, when enrolled to the AppHub server, connects to an MQTT broker to exchange messages and receive commands to…
CVE-2023-45220 — CVSS 8.8 (high): The Android Client application, when enrolled with the define method 1(the user manually inserts the server ip address), use HTTP protocol…
CVE-2023-45851 — CVSS 8.8 (high): The Android Client application, when enrolled to the AppHub server,connects to an MQTT broker without enforcing any server authentication…
CVE-2023-41255 — CVSS 8.8 (high): The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself…
CVE-2023-45321 — CVSS 8.3 (high): The Android Client application, when enrolled with the define method 1 (the user manually inserts the server ip address), use HTTP protocol…
CVE-2023-43488 — CVSS 7.9 (high): The vulnerability allows a low privileged (untrusted) application to modify a critical system property that should be denied, in order to…
CVE-2023-41372 — CVSS 7.8 (high): The vulnerability allows an unprivileged (untrusted) third- party application to arbitrary modify the server settings of the Android Client…
CVE-2023-41960 — CVSS 7.1 (high): The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the…
CVE-2023-45844 — CVSS 6.8 (medium): The vulnerability allows a low privileged user that have access to the device when locked in Kiosk mode to install an arbitrary Android…