Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bosch nexo-os vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-48251
The vulnerability allows a remote malicious user to authenticate to the SSH service with root privileges through a hidden hard-coded account.
Bosch Nexo-os
8.8
CVSSv3
CVE-2023-48253
The vulnerability allows a remote authenticated malicious user to read or update arbitrary content of the authentication database via a crafted HTTP request. By abusing this vulnerability it is possible to exfiltrate other users’ password hashes or update them with arbitrar...
Bosch Nexo-os
6.1
CVSSv3
CVE-2023-48255
The vulnerability allows an unauthenticated remote malicious user to send malicious network requests containing arbitrary client-side script code and obtain its execution inside a victim’s session via a crafted URL, HTTP request, or simply by waiting for the victim to view ...
Bosch Nexo-os
8.8
CVSSv3
CVE-2023-48257
The vulnerability allows a remote malicious user to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or ind...
Bosch Nexo-os
7.5
CVSSv3
CVE-2023-48261
The vulnerability allows a remote unauthenticated malicious user to read arbitrary content of the results database via a crafted HTTP request.
Bosch Nexo-os
9.8
CVSSv3
CVE-2023-48263
The vulnerability allows an unauthenticated remote malicious user to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request.
Bosch Nexo-os
9.8
CVSSv3
CVE-2023-48265
The vulnerability allows an unauthenticated remote malicious user to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request.
Bosch Nexo-os
8.8
CVSSv3
CVE-2023-48252
The vulnerability allows an authenticated remote malicious user to perform actions exceeding their authorized access via crafted HTTP requests.
Bosch Nexo-os
6.3
CVSSv3
CVE-2023-48256
The vulnerability allows a remote malicious user to inject arbitrary HTTP response headers or manipulate HTTP response bodies inside a victim’s session via a crafted URL or HTTP request.
Bosch Nexo-os
7.5
CVSSv3
CVE-2023-48259
The vulnerability allows a remote unauthenticated malicious user to read arbitrary content of the results database via a crafted HTTP request.
Bosch Nexo-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »