Bosch Rexroth ctrlX OS Web Application Arbitrary File Write Vulnerability
Vulnerability
A vulnerability exists in the web application of Bosch Rexroth ctrlX OS, specifically within the 'Manages app data' functionality. This vulnerability allows remote authenticated (low-privileged) attackers to write arbitrary files to any file system path by sending a crafted HTTP request.
Impact
Exploitation of this vulnerability could lead to unauthorized file modifications, potentially allowing for further attacks or system manipulation.
Remediation
Users are advised to update to the latest versions of the affected applications. The update process may require a device reboot. To check if the update was successful, verify the installed version using the device's package management system.
