Bosch Divar Ip 7000 R2
6 CVEs affecting Bosch Divar Ip 7000 R2. Latest disclosed: 2023-12-18. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-23859 | Critical | 9.1 | 2021-12-08 | An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation t… |
CVE-2020-6785 | High | 7.8 | 2021-03-25 | Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allo… |
CVE-2021-23862 | High | 7.2 | 2021-12-08 | A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affect… |
CVE-2021-23861 | Medium | 6.5 | 2021-12-08 | By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or… |
CVE-2023-35867 | Medium | 5.9 | 2023-12-18 | An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of… |
CVE-2021-23860 | Medium | 5.0 | 2021-12-08 | An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack mu… |