The vulnerability allows a remote authenticated malicious user to read or update arbitrary content of the authentication database via a crafted HTTP request. By abusing this vulnerability it is possible to exfiltrate other users’ password hashes or update them with arbitrary values and access their accounts.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bosch nexo-os |