bosch rexroth ag

Top products

The 15 most recently published vulnerabilities affecting bosch rexroth ag.

• CVE-2025-48862Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if a...7.1Aug 14, 2025
• CVE-2025-48861A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs...5.3Aug 14, 2025
• CVE-2025-48860A vulnerability in the web application of the ctrlX OS setup mechanism facilitated an authenticated (low privileged) attacker to gain remote access to backup archives created by a user with elevat...8.0Aug 14, 2025
• CVE-2025-27532A vulnerability in the “Backup & Restore” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to access secret information via multiple craft...6.5Apr 30, 2025
• CVE-2025-24351A vulnerability in the “Remote Logging” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to execute arbitrary OS commands in the context ...8.8Apr 30, 2025
• CVE-2025-24350A vulnerability in the “Certificates and Keys” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary certificates in arbitr...7.1Apr 30, 2025
• CVE-2025-24349A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to delete the configuration of physical netwo...7.1Apr 30, 2025
• CVE-2025-24348A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the wireless network configura...5.4Apr 30, 2025
• CVE-2025-24347A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the network configuration file...6.5Apr 30, 2025
• CVE-2025-24346A vulnerability in the “Proxy” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to manipulate the “/etc/environment” file via a crafte...7.5Apr 30, 2025
• CVE-2025-24345A vulnerability in the “Hosts” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the “hosts” file in an unintended manne...6.3Apr 30, 2025
• CVE-2025-24344A vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbitrary HTML tags and, possibly, execute arbitrary client-...6.3Apr 30, 2025
• CVE-2025-24343A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary files in arbitrary file sys...5.4Apr 30, 2025
• CVE-2025-24342A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernames via multiple crafted HTTP requests.5.3Apr 30, 2025
• CVE-2025-24341A vulnerability in the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to induce a Denial-of-Service (DoS) condition on the device via multiple crafted HTTP requ...6.5Apr 30, 2025