MEDIUM🇬🇧 English

CVE-2022-41677

CVSS 5.3v3.1pub. 2023-12-18upd. 2024-11-21

An information disclosure vulnerability was discovered in Bosch IP camera devices allowing an unauthenticated attacker to retrieve information (like capabilities) about the device itself and network settings of the device, disclosing possibly internal network settings if the device is connected to the internet.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • Bosch Cpp13

    HW
    Bosch
    wszystkie wersje
  • Bosch Cpp13 Firmware

    OS
    Bosch
    ≤ 8.48
  • Bosch Cpp14

    HW
    Bosch
    wszystkie wersje
  • Bosch Cpp14 Firmware

    OS
    Bosch
    ≤ 8.80
  • Bosch Cpp4

    HW
    Bosch
    wszystkie wersje
  • Bosch Cpp4 Firmware

    OS
    Bosch
    ≤ 7.10
  • Bosch Cpp6

    HW
    Bosch
    wszystkie wersje
  • Bosch Cpp6 Firmware

    OS
    Bosch
    ≤ 7.86
  • Bosch Cpp7

    HW
    Bosch
    wszystkie wersje
  • Bosch Cpp7.3

    HW
    Bosch
    wszystkie wersje
  • Bosch Cpp7.3 Firmware

    OS
    Bosch
    ≤ 7.86
  • Bosch Cpp7 Firmware

    OS
    Bosch
    ≤ 7.86
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2021-23847CRITICAL9.8ten sam produkt

A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to...

CVE-2023-39509HIGH7.2ten sam produkt

A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user with administra...

CVE-2021-23849HIGH7.5ten sam produkt

A vulnerability in the web-based interface allows an unauthenticated remote attacker to trigger actions on an ...

CVE-2021-23853HIGH8.3ten sam produkt

In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP header...

CVE-2021-23854HIGH8.3ten sam produkt

An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting ...

CVE-2022-41677 — MEDIUM 5.3 | CVEbaza.pl