Vulnerabilities > Bosch > PRA Es8P2S Firmware > 1.01.05

DATE CVE VULNERABILITY TITLE RISK
2022-06-23 CVE-2022-32534 OS Command Injection vulnerability in Bosch Pra-Es8P2S Firmware 1.01.05
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface.
network
low complexity
bosch CWE-78
critical
 9.8
9.8
2022-06-23 CVE-2022-32535 Improper Privilege Management vulnerability in Bosch Pra-Es8P2S Firmware 1.01.05
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege.
network
low complexity
bosch CWE-269
critical
 10.0
10
2022-06-23 CVE-2022-32536 Improper Privilege Management vulnerability in Bosch Pra-Es8P2S Firmware 1.01.05
The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient.
network
low complexity
bosch CWE-269
critical
 9.0
9.0