Unauthenticated Remote Write Access Vulnerability in RUGGEDCOM CROSSBOW (All versions < V5.2)

Unauthenticated Remote Write Access Vulnerability in RUGGEDCOM CROSSBOW (All versions < V5.2)

CVE-2023-27309 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions for specific write queries. This could allow an authenticated remote attacker to perform unauthorized actions.

Learn more about our Web Application Penetration Testing UK.