Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bosch cpp7 firmware - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-23853
In Bosch IP cameras, improper validation of the HTTP header allows an malicious user to inject arbitrary HTTP headers through crafted URLs.
Bosch Cpp4 Firmware -
Bosch Cpp6 Firmware -
Bosch Cpp7 Firmware -
Bosch Cpp7.3 Firmware -
Bosch Cpp13 Firmware -
9.1
CVSSv3
CVE-2021-23847
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote malicious user to extract sensitive information or change settings of the camera by sending crafted requests to the device. Only devices of the CPP6, CPP7 and CPP7.3 family with fir...
Bosch Cpp6 Firmware
Bosch Cpp6 Firmware 7.70
Bosch Cpp6 Firmware 7.72
Bosch Cpp7 Firmware
Bosch Cpp7 Firmware 7.70
Bosch Cpp7 Firmware 7.72
Bosch Cpp7.3 Firmware
Bosch Cpp7.3 Firmware 7.70
Bosch Cpp7.3 Firmware 7.72
8.8
CVSSv3
CVE-2021-23849
A vulnerability in the web-based interface allows an unauthenticated remote malicious user to trigger actions on an affected system on behalf of another user (CSRF - Cross Site Request Forgery). This requires the victim to be tricked into clicking a malicious link or opening a ma...
Bosch Cpp4 Firmware 7.10
Bosch Cpp6 Firmware 7.60
Bosch Cpp6 Firmware 7.61
Bosch Cpp6 Firmware 7.70
Bosch Cpp6 Firmware 7.80
Bosch Aviotec Firmware 7.61
Bosch Aviotec Firmware 7.72
Bosch Cpp7 Firmware 7.60
Bosch Cpp7 Firmware 7.61
Bosch Cpp7 Firmware 7.70
Bosch Cpp7 Firmware 7.72
Bosch Cpp7 Firmware 7.80
Bosch Cpp7.3 Firmware 7.60
Bosch Cpp7.3 Firmware 7.61
Bosch Cpp7.3 Firmware 7.62
Bosch Cpp7.3 Firmware 7.70
Bosch Cpp7.3 Firmware 7.72
Bosch Cpp7.3 Firmware 7.73
Bosch Cpp7.3 Firmware 7.80
Bosch Cpp13 Firmware 7.75
Bosch Cpp14 Firmware 8.00
7.2
CVSSv3
CVE-2021-23850
A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and ...
Bosch Autodome Ip 4000i Firmware Cpp7.3
Bosch Autodome Ip 5000i Firmware Cpp7.3
Bosch Autodome Ip Starlight 5000i Firmware Cpp7.3
Bosch Autodome Ip Starlight 7000i Firmware Cpp7.3
Bosch Dinion Ip 3000i Firmware Cpp7.3
Bosch Dinion Ip Bullet 4000i Firmware Cpp7.3
Bosch Dinion Ip Bullet 5000 Firmware Cpp7.3
Bosch Dinion Ip Bullet 5000i Firmware Cpp7.3
Bosch Dinion Ip Bullet 6000i Firmware Cpp7.3
Bosch Flexidome Ip 3000i Firmware Cpp7.3
Bosch Flexidome Ip 4000i Firmware Cpp7.3
Bosch Flexidome Ip 5000i Firmware Cpp7.3
Bosch Flexidome Ip Starlight 5000i Firmware Cpp7.3
Bosch Flexidome Ip Starlight 8000i Firmware Cpp7.3
Bosch Mic Ip Starlight 7000i Firmware Cpp7.3
Bosch Mic Ip Starlight 7100i Firmware Cpp7.3
Bosch Mic Ip Ultra 7100i Firmware Cpp7.3
Bosch Mic Ip Fusion 9000i Firmware Cpp7.3
Bosch Dinion Ip Starlight 6000 Firmware Cpp7
Bosch Dinion Ip Starlight 7000 Firmware Cpp7
Bosch Dinion Ip Thermal 8000 Firmware Cpp7
Bosch Flexidome Ip Starlight 6000 Firmware Cpp7
7.2
CVSSv3
CVE-2021-23851
A specially crafted TCP/IP packet may cause the camera recovery image web interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and a...
Bosch Autodome Ip 4000i Firmware Cpp7.3
Bosch Autodome Ip 5000i Firmware Cpp7.3
Bosch Autodome Ip Starlight 5000i Firmware Cpp7.3
Bosch Autodome Ip Starlight 7000i Firmware Cpp7.3
Bosch Dinion Ip 3000i Firmware Cpp7.3
Bosch Dinion Ip Bullet 4000i Firmware Cpp7.3
Bosch Dinion Ip Bullet 5000 Firmware Cpp7.3
Bosch Dinion Ip Bullet 5000i Firmware Cpp7.3
Bosch Dinion Ip Bullet 6000i Firmware Cpp7.3
Bosch Flexidome Ip 3000i Firmware Cpp7.3
Bosch Flexidome Ip 4000i Firmware Cpp7.3
Bosch Flexidome Ip 5000i Firmware Cpp7.3
Bosch Flexidome Ip Starlight 5000i Firmware Cpp7.3
Bosch Flexidome Ip Starlight 8000i Firmware Cpp7.3
Bosch Mic Ip Starlight 7000i Firmware Cpp7.3
Bosch Mic Ip Starlight 7100i Firmware Cpp7.3
Bosch Mic Ip Ultra 7100i Firmware Cpp7.3
Bosch Mic Ip Fusion 9000i Firmware Cpp7.3
Bosch Dinion Ip Starlight 6000 Firmware Cpp7
Bosch Dinion Ip Starlight 7000 Firmware Cpp7
Bosch Dinion Ip Thermal 8000 Firmware Cpp7
Bosch Flexidome Ip Starlight 6000 Firmware Cpp7
6.1
CVSSv3
CVE-2021-23848
An error in the URL handler Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. An attacker with knowledge of the camera address can send a crafted link to a user, which will execute javascript code in the context of the user.
Bosch Cpp4 Firmware -
Bosch Cpp6 Firmware -
Bosch Cpp7 Firmware -
Bosch Cpp7.3 Firmware -
Bosch Cpp13 Firmware -
6.1
CVSSv3
CVE-2021-23854
An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. This issue only affects versions 7.7x and 7.6x. All other versions are not affected.
Bosch Cpp6 Firmware 7.62
Bosch Cpp6 Firmware 7.70
Bosch Cpp6 Firmware 7.72
Bosch Cpp7 Firmware 7.62
Bosch Cpp7 Firmware 7.70
Bosch Cpp7 Firmware 7.72
Bosch Cpp7.3 Firmware 7.62
Bosch Cpp7.3 Firmware 7.70
Bosch Cpp7.3 Firmware 7.72
Bosch Cpp13 Firmware 7.75
Bosch Cpp13 Firmware 7.76
5.3
CVSSv3
CVE-2022-41677
An information disclosure vulnerability exists in Bosch IP camera devices allowing an unauthenticated malicious user to retrieve information (like capabilities) about the device itself and network settings of the device, disclosing possibly internal network settings if the device...
Bosch Cpp14 Firmware
Bosch Cpp13 Firmware
Bosch Cpp7.3 Firmware
Bosch Cpp7 Firmware
Bosch Cpp6 Firmware
Bosch Cpp4 Firmware
4.9
CVSSv3
CVE-2021-23852
An authenticated attacker with administrator rights Bosch IP cameras can call an URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Service (DoS).
Bosch Cpp4 Firmware -
Bosch Cpp6 Firmware -
Bosch Cpp7 Firmware -
Bosch Cpp7.3 Firmware -
Bosch Cpp13 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started