Vulnerabilities > Bosch
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-09 | CVE-2021-23848 | Cross-site Scripting vulnerability in Bosch products An error in the URL handler Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. | 6.1 |
| 2021-06-09 | CVE-2021-23852 | Resource Exhaustion vulnerability in Bosch products An authenticated attacker with administrator rights Bosch IP cameras can call an URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Service (DoS). | 4.9 |
| 2021-06-09 | CVE-2021-23853 | Improper Input Validation vulnerability in Bosch products In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs. | 9.8 |
| 2021-06-09 | CVE-2021-23854 | Cross-site Scripting vulnerability in Bosch products An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. | 6.1 |
| 2021-03-25 | CVE-2020-6790 | Uncontrolled Search Path Element vulnerability in Bosch Video Streaming Gateway Calling an executable through an Uncontrolled Search Path Element in the Bosch Video Streaming Gateway installer up to and including version 6.45.10 potentially allows an attacker to execute arbitrary code on a victim's system. | 7.8 |
| 2021-03-25 | CVE-2020-6789 | Uncontrolled Search Path Element vulnerability in Bosch Monitor Wall 10.00.0164 Loading a DLL through an Uncontrolled Search Path Element in the Bosch Monitor Wall installer up to and including version 10.00.0164 potentially allows an attacker to execute arbitrary code on a victim's system. | 7.8 |
| 2021-03-25 | CVE-2020-6788 | Uncontrolled Search Path Element vulnerability in Bosch Configuration Manager Loading a DLL through an Uncontrolled Search Path Element in the Bosch Configuration Manager installer up to and including version 7.21.0078 potentially allows an attacker to execute arbitrary code on a victim's system. | 7.8 |
| 2021-03-25 | CVE-2020-6787 | Uncontrolled Search Path Element vulnerability in Bosch Video Client 1.7.6.079 Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Client installer up to and including version 1.7.6.079 potentially allows an attacker to execute arbitrary code on a victim's system. | 7.8 |
| 2021-03-25 | CVE-2020-6786 | Uncontrolled Search Path Element vulnerability in Bosch Video Recording Manager Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version 3.82.0055 for 3.82, up to and including version 3.81.0064 for 3.81 and 3.71 and older potentially allows an attacker to execute arbitrary code on a victim's system. | 7.8 |
| 2021-03-25 | CVE-2020-6785 | Uncontrolled Search Path Element vulnerability in Bosch products Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. | 7.8 |