CVE-2024-27940

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any authenticated user to send arbitrary SQL commands to the SQL server. An attacker could use this vulnerability to compromise the whole database. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt