HIGH🇬🇧 English

CVE-2023-49722

CVSS 8.3v3.1pub. 2024-01-09upd. 2024-11-21

Network port 8899 open in WiFi firmware of BCC101/BCC102/BCC50 products, that allows an attacker to connect to the device via same WiFi network.

oryginał EN
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
  • Bosch Bcc101

    HW
    Bosch
    wszystkie wersje
  • Bosch Bcc101 Firmware

    OS
    Bosch
    4.13.20 – 4.13.33 (bez)
  • Bosch Bcc102

    HW
    Bosch
    wszystkie wersje
  • Bosch Bcc102 Firmware

    OS
    Bosch
    4.13.20 – 4.13.33 (bez)
  • Bosch Bcc50

    HW
    Bosch
    wszystkie wersje
  • Bosch Bcc50 Firmware

    OS
    Bosch
    4.13.20 – 4.13.33 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-36301CRITICAL9.8ten sam vendor

BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a remote attacker t...

CVE-2021-23859CRITICAL9.1ten sam vendor

An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of...

CVE-2021-23856CRITICAL10.0ten sam vendor

The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a ...

CVE-2021-23857CRITICAL10.0ten sam vendor

Login with hash: The login routine allows the client to log in to the system not by using the password, but by...

CVE-2021-23847CRITICAL9.8ten sam vendor

A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to...