Vulnerabilities > Bosch > Praesensa Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-01-14 CVE-2020-6777 Cross-site Scripting vulnerability in Bosch Praesensa Firmware and Praesideo Firmware
A vulnerability in the web-based management interface of Bosch PRAESIDEO until and including version 4.41 and Bosch PRAESENSA until and including version 1.10 allows an authenticated remote attacker with admin privileges to mount a stored Cross-Site-Scripting (XSS) attack against another user.
network
low complexity
bosch CWE-79
4.8
2021-01-14 CVE-2020-6776 Cross-Site Request Forgery (CSRF) vulnerability in Bosch Praesensa Firmware and Praesideo Firmware
A vulnerability in the web-based management interface of Bosch PRAESIDEO until and including version 4.41 and Bosch PRAESENSA until and including version 1.10 allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (Cross-Site Request Forgery).
network
low complexity
bosch CWE-352
8.8