NotCVE - vendor:"Bosch Rexroth AG" product:"CtrlX OS - Device Admin" version:" >= 1.20.0 <= 1.20.7"

Page 2 of 12 results (0.001 seconds)

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2025-24340

https://notcve.org/view.php?id=CVE-2025-24340

30 Apr 2025 — A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated (low-privileged) attacker to recover the plaintext passwords of other users. • https://psirt.bosch.com/security-advisories/BOSCH-SA-640452.html • CWE-916: Use of Password Hash With Insufficient Computational Effort •

CVSS: 5.1EPSS: 0%CPEs: 3EXPL: 0

CVE-2025-24339

https://notcve.org/view.php?id=CVE-2025-24339

30 Apr 2025 — A vulnerability in the web application of ctrlX OS allows a remote unauthenticated attacker to conduct various attacks against users of the vulnerable system, including web cache poisoning or Man-in-the-Middle (MitM), via a crafted HTTP request. • https://psirt.bosch.com/security-advisories/BOSCH-SA-640452.html • CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax •

1 2