Vulnerabilities > Bosch > Prosyst MBS SDK > High

DATE CVE VULNERABILITY TITLE RISK
2019-08-21 CVE-2019-11603 Path Traversal vulnerability in Bosch IOT Gateway Software and Prosyst MBS SDK
A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root.
network
low complexity
bosch CWE-22
7.5
2019-08-21 CVE-2019-11601 Path Traversal vulnerability in Bosch IOT Gateway Software and Prosyst MBS SDK
A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location.
network
low complexity
bosch CWE-22
7.5
2019-08-21 CVE-2019-11897 Server-Side Request Forgery (SSRF) vulnerability in Bosch IOT Gateway Software and Prosyst MBS SDK
A Server-Side Request Forgery (SSRF) vulnerability in the backup & restore functionality in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.3.0 allows a remote attacker to forge GET requests to arbitrary URLs.
network
low complexity
bosch CWE-918
8.6