HIGH🇵🇱 Wersja polska

CVE-2022-36302

CVSS 8.8v3.1pub. 2022-08-01upd. 2024-11-21

File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file path to access different resources, which may contain sensitive information.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Bosch Bf Os

    OS
    Bosch
    3.00 – 3.83
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-36301CRITICAL9.8ten sam produkt

BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a remote attacker t...

CVE-2021-23859CRITICAL9.1ten sam vendor

An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of...

CVE-2021-23856CRITICAL10.0ten sam vendor

The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a ...

CVE-2021-23857CRITICAL10.0ten sam vendor

Login with hash: The login routine allows the client to log in to the system not by using the password, but by...

CVE-2021-23847CRITICAL9.8ten sam vendor

A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to...