A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.9.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416v2 V5.X (All versions < V5.9.0), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900GNC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900NC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100NC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100PNC (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2288 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2288NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300P V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300PNC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2488 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2488NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG907R (All versions < V5.9.0), RUGGEDCOM RSG908C (All versions < V5.9.0), RUGGEDCOM RSG909R (All versions < V5.9.0), RUGGEDCOM RSG910C (All versions < V5.9.0), RUGGEDCOM RSG920P V5.X (All versions < V5.9.0), RUGGEDCOM RSG920PNC V5.X (All versions < V5.9.0), RUGGEDCOM RSL910 (All versions < V5.9.0), RUGGEDCOM RSL910NC (All versions < V5.9.0), RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM RST2228P (All versions < V5.9.0), RUGGEDCOM RST916C (All versions < V5.9.0), RUGGEDCOM RST916P (All versions < V5.9.0). The affected products with IP forwarding enabled wrongly make available certain remote services in non-managed VLANs, even if these services are not intentionally activated. An attacker could leverage this vulnerability to create a remote shell to the affected system.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | RUGGEDCOM RMC8388 V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RMC8388NC V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RS416NCv2 V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RS416PNCv2 V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RS416Pv2 V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RS416v2 V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RS900 (32M) V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RS900G (32M) V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RS900GNC(32M) V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RS900NC(32M) V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG2100 (32M) V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG2100NC(32M) V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG2100P (32M) V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG2100PNC (32M) V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG2288 V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG2288NC V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG2300 V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG2300NC V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG2300P V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG2300PNC V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG2488 V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG2488NC V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG907R | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG908C | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG909R | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG910C | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG920P V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSG920PNC V5.X | unknown |
|
||||||
| Siemens | RUGGEDCOM RSL910 | unknown |
|
||||||
| Siemens | RUGGEDCOM RSL910NC | unknown |
|
||||||
| Siemens | RUGGEDCOM RST2228 | unknown |
|
||||||
| Siemens | RUGGEDCOM RST2228P | unknown |
|
||||||
| Siemens | RUGGEDCOM RST916C | unknown |
|
||||||
| Siemens | RUGGEDCOM RST916P | unknown |
|
No data.
No data.
No data.
Project Subscriptions
| Vendors | Products |
|---|---|
|
Siemens
Subscribe
|
Ruggedcom Ros Rmc8388
Subscribe
Ruggedcom Ros Rmc8388nc
Subscribe
Ruggedcom Ros Rs416ncv2
Subscribe
Ruggedcom Ros Rs416pncv2
Subscribe
Ruggedcom Ros Rs416pv2
Subscribe
Ruggedcom Ros Rs416v2
Subscribe
Ruggedcom Ros Rs900
Subscribe
Ruggedcom Ros Rs900g
Subscribe
Ruggedcom Ros Rs900gnc
Subscribe
Ruggedcom Ros Rs900nc
Subscribe
Ruggedcom Ros Rsg2100
Subscribe
Ruggedcom Ros Rsg2100nc
Subscribe
Ruggedcom Ros Rsg2288
Subscribe
Ruggedcom Ros Rsg2288nc
Subscribe
Ruggedcom Ros Rsg2300
Subscribe
Ruggedcom Ros Rsg2300nc
Subscribe
Ruggedcom Ros Rsg2300p
Subscribe
Ruggedcom Ros Rsg2300pnc
Subscribe
Ruggedcom Ros Rsg2488
Subscribe
Ruggedcom Ros Rsg2488nc
Subscribe
Ruggedcom Ros Rsg907r
Subscribe
Ruggedcom Ros Rsg908c
Subscribe
Ruggedcom Ros Rsg909r
Subscribe
Ruggedcom Ros Rsg910c
Subscribe
Ruggedcom Ros Rsg920p
Subscribe
Ruggedcom Ros Rsg920pnc
Subscribe
Ruggedcom Ros Rsl910
Subscribe
Ruggedcom Ros Rsl910nc
Subscribe
Ruggedcom Ros Rst2228
Subscribe
Ruggedcom Ros Rst2228p
Subscribe
Ruggedcom Ros Rst916c
Subscribe
Ruggedcom Ros Rst916p
Subscribe
|
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-37239 | A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.9.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416v2 V5.X (All versions < V5.9.0), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900GNC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900NC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100NC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100PNC (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2288 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2288NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300P V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300PNC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2488 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2488NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG907R (All versions < V5.9.0), RUGGEDCOM RSG908C (All versions < V5.9.0), RUGGEDCOM RSG909R (All versions < V5.9.0), RUGGEDCOM RSG910C (All versions < V5.9.0), RUGGEDCOM RSG920P V5.X (All versions < V5.9.0), RUGGEDCOM RSG920PNC V5.X (All versions < V5.9.0), RUGGEDCOM RSL910 (All versions < V5.9.0), RUGGEDCOM RSL910NC (All versions < V5.9.0), RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM RST2228P (All versions < V5.9.0), RUGGEDCOM RST916C (All versions < V5.9.0), RUGGEDCOM RST916P (All versions < V5.9.0). The affected products with IP forwarding enabled wrongly make available certain remote services in non-managed VLANs, even if these services are not intentionally activated. An attacker could leverage this vulnerability to create a remote shell to the affected system. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Tue, 12 Aug 2025 11:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.9.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416v2 V5.X (All versions < V5.9.0), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900GNC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900NC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100NC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2288 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2288NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300P V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300PNC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2488 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2488NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG907R (All versions < V5.9.0), RUGGEDCOM RSG908C (All versions < V5.9.0), RUGGEDCOM RSG909R (All versions < V5.9.0), RUGGEDCOM RSG910C (All versions < V5.9.0), RUGGEDCOM RSG920P V5.X (All versions < V5.9.0), RUGGEDCOM RSG920PNC V5.X (All versions < V5.9.0), RUGGEDCOM RSL910 (All versions < V5.9.0), RUGGEDCOM RSL910NC (All versions < V5.9.0), RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM RST2228P (All versions < V5.9.0), RUGGEDCOM RST916C (All versions < V5.9.0), RUGGEDCOM RST916P (All versions < V5.9.0). The affected products with IP forwarding enabled wrongly make available certain remote services in non-managed VLANs, even if these services are not intentionally activated. An attacker could leverage this vulnerability to create a remote shell to the affected system. | A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.9.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416v2 V5.X (All versions < V5.9.0), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900GNC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RS900NC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100NC(32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2100PNC (32M) V5.X (All versions < V5.9.0), RUGGEDCOM RSG2288 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2288NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300P V5.X (All versions < V5.9.0), RUGGEDCOM RSG2300PNC V5.X (All versions < V5.9.0), RUGGEDCOM RSG2488 V5.X (All versions < V5.9.0), RUGGEDCOM RSG2488NC V5.X (All versions < V5.9.0), RUGGEDCOM RSG907R (All versions < V5.9.0), RUGGEDCOM RSG908C (All versions < V5.9.0), RUGGEDCOM RSG909R (All versions < V5.9.0), RUGGEDCOM RSG910C (All versions < V5.9.0), RUGGEDCOM RSG920P V5.X (All versions < V5.9.0), RUGGEDCOM RSG920PNC V5.X (All versions < V5.9.0), RUGGEDCOM RSL910 (All versions < V5.9.0), RUGGEDCOM RSL910NC (All versions < V5.9.0), RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM RST2228P (All versions < V5.9.0), RUGGEDCOM RST916C (All versions < V5.9.0), RUGGEDCOM RST916P (All versions < V5.9.0). The affected products with IP forwarding enabled wrongly make available certain remote services in non-managed VLANs, even if these services are not intentionally activated. An attacker could leverage this vulnerability to create a remote shell to the affected system. |
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: siemens
Published:
Updated: 2025-08-27T20:42:54.768Z
Reserved: 2024-06-12T14:37:01.983Z
Link: CVE-2024-38278
Vulnrichment
Updated: 2024-08-02T04:04:25.242Z
NVD
Status : Awaiting Analysis
Published: 2024-07-09T12:15:15.497
Modified: 2025-08-12T12:15:31.777
Link: CVE-2024-38278
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses