Vulnerabilities > Bosch > Cpp7 3 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-06-09 CVE-2021-23853 Improper Input Validation vulnerability in Bosch products
In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs.
network
low complexity
bosch CWE-20
critical
9.8
2021-06-09 CVE-2021-23847 Missing Authentication for Critical Function vulnerability in Bosch Cpp6 Firmware, Cpp7.3 Firmware and Cpp7 Firmware
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device.
network
low complexity
bosch CWE-306
critical
9.1