Vulnerabilities > Bosch > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-21 | CVE-2019-11601 | Path Traversal vulnerability in Bosch IOT Gateway Software and Prosyst MBS SDK A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location. | 7.5 |
| 2019-08-21 | CVE-2019-11897 | Server-Side Request Forgery (SSRF) vulnerability in Bosch IOT Gateway Software and Prosyst MBS SDK A Server-Side Request Forgery (SSRF) vulnerability in the backup & restore functionality in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.3.0 allows a remote attacker to forge GET requests to arbitrary URLs. | 8.6 |
| 2019-05-29 | CVE-2019-11896 | Improper Privilege Management vulnerability in Bosch Smart Home Controller Firmware 9.8.905 A potential incorrect privilege assignment vulnerability exists in the 3rd party pairing mechanism of the Bosch Smart Home Controller (SHC) before 9.8.907 that may result in a restricted app obtaining default app permissions. | 7.1 |
| 2019-05-29 | CVE-2019-11893 | Improper Privilege Management vulnerability in Bosch Smart Home Controller Firmware A potential incorrect privilege assignment vulnerability exists in the app permission update API of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in a restricted app obtaining default app permissions. | 8.0 |
| 2019-05-29 | CVE-2019-11892 | Unspecified vulnerability in Bosch Smart Home Controller Firmware A potential improper access control vulnerability exists in the JSON-RPC interface of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in reading or modification of the SHC's configuration or triggering and restoring backups. low complexity bosch | 8.0 |
| 2019-05-29 | CVE-2019-11891 | Improper Privilege Management vulnerability in Bosch Smart Home Controller Firmware A potential incorrect privilege assignment vulnerability exists in the app pairing mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in elevated privileges of the adversary's choosing. | 8.0 |
| 2019-02-22 | CVE-2019-7728 | Improper Certificate Validation vulnerability in Bosch Smart Camera An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. | 7.5 |