Latest CVE Feed
-
8.6
HIGHCVE-2021-23855
The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow tables.... Read more
- Published: Oct. 04, 2021
- Modified: Nov. 21, 2024
-
8.3
HIGHCVE-2021-23854
An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. This issue only affects versions 7.7x and 7.6x. All other versions are not affected.... Read more
Affected Products : cpp6_firmware cpp7_firmware cpp7.3_firmware cpp13_firmware cpp6 cpp7 cpp7.3 cpp13- Published: Jun. 09, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-23853
In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs.... Read more
Affected Products : cpp6_firmware cpp7_firmware cpp7.3_firmware cpp4_firmware cpp13_firmware cpp6 cpp7 cpp7.3 cpp4 cpp13- Published: Jun. 09, 2021
- Modified: Nov. 21, 2024
-
4.9
MEDIUMCVE-2021-23852
An authenticated attacker with administrator rights Bosch IP cameras can call an URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Service (DoS).... Read more
Affected Products : cpp6_firmware cpp7_firmware cpp7.3_firmware cpp4_firmware cpp13_firmware cpp6 cpp7 cpp7.3 cpp4 cpp13- Published: Jun. 09, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-23851
A specially crafted TCP/IP packet may cause the camera recovery image web interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical a... Read more
Affected Products : autodome_ip_4000i_firmware autodome_ip_5000i_firmware autodome_ip_starlight_5000i_firmware autodome_ip_starlight_7000i_firmware dinion_ip_3000i_firmware dinion_ip_bullet_4000i_firmware dinion_ip_bullet_5000_firmware dinion_ip_bullet_5000i_firmware dinion_ip_bullet_6000i_firmware flexidome_ip_3000i_firmware +126 more products- Published: Mar. 30, 2022
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-23850
A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical ... Read more
Affected Products : autodome_ip_4000i_firmware autodome_ip_5000i_firmware autodome_ip_starlight_5000i_firmware autodome_ip_starlight_7000i_firmware dinion_ip_3000i_firmware dinion_ip_bullet_4000i_firmware dinion_ip_bullet_5000_firmware dinion_ip_bullet_5000i_firmware dinion_ip_bullet_6000i_firmware flexidome_ip_3000i_firmware +126 more products- Published: Mar. 30, 2022
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-23849
A vulnerability in the web-based interface allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (CSRF - Cross Site Request Forgery). This requires the victim to be tricked into clicking a malicious l... Read more
Affected Products : cpp6_firmware cpp7_firmware cpp7.3_firmware cpp4_firmware cpp13_firmware aviotec_firmware cpp14_firmware cpp6 cpp7 cpp7.3 +4 more products- Published: Aug. 05, 2021
- Modified: Nov. 21, 2024
-
8.3
HIGHCVE-2021-23848
An error in the URL handler Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. An attacker with knowledge of the camera address can send a crafted link to a user, which will execute javascript code in the conte... Read more
Affected Products : cpp6_firmware cpp7_firmware cpp7.3_firmware cpp4_firmware cpp13_firmware cpp6 cpp7 cpp7.3 cpp4 cpp13- Published: Jun. 09, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-23847
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device. Only devices of the CPP6, CPP7 and CPP... Read more
- Published: Jun. 09, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-23846
When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th... Read more
- Published: Jun. 18, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-23845
This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. This vulnerability was discovered by a security researcher in B426 and found during internal product tests in B426-CN/B429-CN, and B426-M ... Read more
Affected Products : b426_firmware b426-cn_firmware b429-cn_firmware b426-m_firmware b426 b426-cn b429-cn b426-m- Published: Jun. 18, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-23843
The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. The tool allows putting a password protection on configured devices to restrict access to the configuration of an AMC2. An attacker ca... Read more
Affected Products : access_professional_edition building_integration_system amc2_firmware access_management_system amc2- Published: Jan. 19, 2022
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-23842
Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can... Read more
Affected Products : access_professional_edition building_integration_system amc2_firmware access_management_system amc2- Published: Jan. 19, 2022
- Modified: Nov. 21, 2024
-
5.9
MEDIUMCVE-2021-23841
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while pars... Read more
Affected Products : zfs_storage_appliance_kit debian_linux business_intelligence peoplesoft_enterprise_peopletools macos oncommand_insight oncommand_workflow_automation snapcenter openssl enterprise_manager_ops_center +13 more products- Published: Feb. 16, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-23840
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from ... Read more
Affected Products : debian_linux business_intelligence openssl nosql_database enterprise_manager_ops_center jd_edwards_enterpriseone_tools m10-1_firmware m10-4_firmware m10-4s_firmware m12-1_firmware +17 more products- Published: Feb. 16, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-23839
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients t... Read more
- Published: Feb. 16, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-23838
An issue was discovered in flatCore before 2.0.0 build 139. A reflected XSS vulnerability was identified in the media_filter HTTP request body parameter for the acp interface. The affected parameter accepts malicious client-side script without proper inpu... Read more
- Published: Jan. 15, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-23837
An issue was discovered in flatCore before 2.0.0 build 139. A time-based blind SQL injection was identified in the selected_folder HTTP request body parameter for the acp interface. The affected parameter (which retrieves the file contents of the specifie... Read more
- Published: Jan. 15, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-23836
An issue was discovered in flatCore before 2.0.0 build 139. A stored XSS vulnerability was identified in the prefs_smtp_psw HTTP request body parameter for the acp interface. An admin user can inject malicious client-side script into the affected paramete... Read more
- Published: Jan. 15, 2021
- Modified: Nov. 21, 2024
-
4.9
MEDIUMCVE-2021-23835
An issue was discovered in flatCore before 2.0.0 build 139. A local file disclosure vulnerability was identified in the docs_file HTTP request body parameter for the acp interface. This can be exploited with admin access rights. The affected parameter (wh... Read more
- Published: Jan. 15, 2021
- Modified: Nov. 21, 2024