Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bosch cpp13 firmware - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-23853
In Bosch IP cameras, improper validation of the HTTP header allows an malicious user to inject arbitrary HTTP headers through crafted URLs.
Bosch Cpp4 Firmware -
Bosch Cpp6 Firmware -
Bosch Cpp7 Firmware -
Bosch Cpp7.3 Firmware -
Bosch Cpp13 Firmware -
8.8
CVSSv3
CVE-2021-23849
A vulnerability in the web-based interface allows an unauthenticated remote malicious user to trigger actions on an affected system on behalf of another user (CSRF - Cross Site Request Forgery). This requires the victim to be tricked into clicking a malicious link or opening a ma...
Bosch Cpp4 Firmware 7.10
Bosch Cpp6 Firmware 7.60
Bosch Cpp6 Firmware 7.61
Bosch Cpp6 Firmware 7.70
Bosch Cpp6 Firmware 7.80
Bosch Aviotec Firmware 7.61
Bosch Aviotec Firmware 7.72
Bosch Cpp7 Firmware 7.60
Bosch Cpp7 Firmware 7.61
Bosch Cpp7 Firmware 7.70
Bosch Cpp7 Firmware 7.72
Bosch Cpp7 Firmware 7.80
Bosch Cpp7.3 Firmware 7.60
Bosch Cpp7.3 Firmware 7.61
Bosch Cpp7.3 Firmware 7.62
Bosch Cpp7.3 Firmware 7.70
Bosch Cpp7.3 Firmware 7.72
Bosch Cpp7.3 Firmware 7.73
Bosch Cpp7.3 Firmware 7.80
Bosch Cpp13 Firmware 7.75
Bosch Cpp14 Firmware 8.00
7.2
CVSSv3
CVE-2023-39509
A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user with administrative rights to run arbitrary commands on the OS of the camera.
Bosch Cpp13 Firmware
Bosch Cpp14 Firmware
6.5
CVSSv3
CVE-2023-32229
Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option (signing of the video stream) with option MD5, SHA-1 or SHA-256.
Bosch Cpp13 Firmware
Bosch Cpp14 Firmware
6.1
CVSSv3
CVE-2021-23848
An error in the URL handler Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. An attacker with knowledge of the camera address can send a crafted link to a user, which will execute javascript code in the context of the user.
Bosch Cpp4 Firmware -
Bosch Cpp6 Firmware -
Bosch Cpp7 Firmware -
Bosch Cpp7.3 Firmware -
Bosch Cpp13 Firmware -
6.1
CVSSv3
CVE-2021-23854
An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. This issue only affects versions 7.7x and 7.6x. All other versions are not affected.
Bosch Cpp6 Firmware 7.62
Bosch Cpp6 Firmware 7.70
Bosch Cpp6 Firmware 7.72
Bosch Cpp7 Firmware 7.62
Bosch Cpp7 Firmware 7.70
Bosch Cpp7 Firmware 7.72
Bosch Cpp7.3 Firmware 7.62
Bosch Cpp7.3 Firmware 7.70
Bosch Cpp7.3 Firmware 7.72
Bosch Cpp13 Firmware 7.75
Bosch Cpp13 Firmware 7.76
5.9
CVSSv3
CVE-2022-32540
Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle malicious user to compromise confidential video stream. This is only applicable for UDP encryption when target sys...
Bosch Bosch Video Management System 11.0
Bosch Bosch Video Management System
Bosch Videojet Decoder 7513 Firmware 10.23.0002
Bosch Videojet Decoder 7513 Firmware 10.30.0005
5.3
CVSSv3
CVE-2022-41677
An information disclosure vulnerability exists in Bosch IP camera devices allowing an unauthenticated malicious user to retrieve information (like capabilities) about the device itself and network settings of the device, disclosing possibly internal network settings if the device...
Bosch Cpp14 Firmware
Bosch Cpp13 Firmware
Bosch Cpp7.3 Firmware
Bosch Cpp7 Firmware
Bosch Cpp6 Firmware
Bosch Cpp4 Firmware
4.9
CVSSv3
CVE-2021-23852
An authenticated attacker with administrator rights Bosch IP cameras can call an URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Service (DoS).
Bosch Cpp4 Firmware -
Bosch Cpp6 Firmware -
Bosch Cpp7 Firmware -
Bosch Cpp7.3 Firmware -
Bosch Cpp13 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started