CVE-2025-33023 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-33023 PUBLISHED CVSS 4.099999904632568 MEDIUM

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions), RUGGEDCOM ROX MX5000RE (All versions), RUGGEDCOM ROX RX1400 (All versions), RUGGEDCOM ROX RX1500 (All versions), RUGGEDCOM ROX RX1501 (All versions), RUGGEDCOM ROX RX1510 (All versions), RUGGEDCOM ROX RX1511 (All versions), RUGGEDCOM ROX RX1512 (All versions), RUGGEDCOM ROX RX1524 (All versions), RUGGEDCOM ROX RX1536 (All versions), RUGGEDCOM ROX RX5000 (All versions). The affected devices do not properly enforce the restriction of files that can be uploaded from the web interface. This could allow an authenticated remote attacker with high privileges in the web interface to upload arbitrary files.

EPSS 0.05% · 14.3th percentile

Risk Scores

CVSS v3.1

4.099999904632568

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N

EPSS Score

0.05%

14.3th percentile

Affected Products

Vendor	Product	Versions
Siemens	RUGGEDCOM ROX RX1524	0
Siemens	RUGGEDCOM ROX RX1500	0
Siemens	RUGGEDCOM ROX RX1512	0
Siemens	RUGGEDCOM ROX RX1400	0
Siemens	RUGGEDCOM ROX RX5000	0
Siemens	RUGGEDCOM ROX MX5000RE	0
Siemens	RUGGEDCOM ROX RX1536	0
Siemens	RUGGEDCOM ROX RX1511	0
Siemens	RUGGEDCOM ROX MX5000	0
Siemens	RUGGEDCOM ROX RX1510	0
Siemens	RUGGEDCOM ROX RX1501	0

Timeline

Aug 12, 2025 EPSS Score
Aug 12, 2025 Coalition ESS Score
Aug 12, 2025 CVE Published
Aug 12, 2025 CVE Updated
Aug 14, 2025 PoC Published
Aug 20, 2025 EPSS Score
Aug 22, 2025 Coalition ESS Score
Aug 26, 2025 Coalition ESS Score
Aug 28, 2025 EPSS Score
Sep 4, 2025 EPSS Score
Sep 12, 2025 EPSS Score
Sep 20, 2025 EPSS Score

References

Open in Interactive Console →