Lucene search
HistoryMar 30, 2022 - 4:15 p.m.
CVE-2021-23850
cve-2021-23850
tcp/ip
camera
telnet
buffer overflow
remote code execution
firmware upload.
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.5 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
53.7%
A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware.
Affected configurations
Node
boschautodome_ip_4000iMatch-
boschautodome_ip_4000i_firmwareMatchcpp7.3
Node
boschautodome_ip_5000iMatch-
boschautodome_ip_5000i_firmwareMatchcpp7.3
Node
boschautodome_ip_starlight_5000iMatch-
boschautodome_ip_starlight_5000i_firmwareMatchcpp7.3
Node
boschautodome_ip_starlight_7000iMatch-
boschautodome_ip_starlight_7000i_firmwareMatchcpp7.3
Node
boschdinion_ip_3000iMatch-
boschdinion_ip_3000i_firmwareMatchcpp7.3
Node
boschdinion_ip_bullet_4000iMatch-
boschdinion_ip_bullet_4000i_firmwareMatchcpp7.3
Node
boschdinion_ip_bullet_5000Match-
boschdinion_ip_bullet_5000_firmwareMatchcpp7.3
Node
boschdinion_ip_bullet_5000iMatch-
boschdinion_ip_bullet_5000i_firmwareMatchcpp7.3
Node
boschdinion_ip_bullet_6000i_firmwareMatchcpp7.3
boschdinion_ip_bullet_6000iMatch-
Node
boschflexidome_ip_3000i_firmwareMatchcpp7.3
boschflexidome_ip_3000iMatch-
Node
boschflexidome_ip_4000i_firmwareMatchcpp7.3
boschflexidome_ip_4000iMatch-
Node
boschflexidome_ip_5000i_firmwareMatchcpp7.3
boschflexidome_ip_5000iMatch-
Node
boschflexidome_ip_starlight_5000i_firmwareMatchcpp7.3
boschflexidome_ip_starlight_5000iMatch-
Node
boschflexidome_ip_starlight_8000i_firmwareMatchcpp7.3
boschflexidome_ip_starlight_8000iMatch-
Node
boschmic_ip_starlight_7000i_firmwareMatchcpp7.3
boschmic_ip_starlight_7000iMatch-
Node
boschmic_ip_starlight_7100i_firmwareMatchcpp7.3
boschmic_ip_starlight_7100iMatch-
Node
boschmic_ip_ultra_7100i_firmwareMatchcpp7.3
boschmic_ip_ultra_7100iMatch-
Node
boschmic_ip_fusion_9000i_firmwareMatchcpp7.3
boschmic_ip_fusion_9000iMatch-
Node
boschdinion_ip_starlight_6000_firmwareMatchcpp7
boschdinion_ip_starlight_6000Match-
Node
boschdinion_ip_starlight_7000_firmwareMatchcpp7
boschdinion_ip_starlight_7000Match-
Node
boschdinion_ip_thermal_8000_firmwareMatchcpp7
boschdinion_ip_thermal_8000Match-
Node
boschflexidome_ip_starlight_6000_firmwareMatchcpp7
boschflexidome_ip_starlight_6000Match-
Node
boschflexidome_ip_starlight_7000_firmwareMatchcpp7
boschflexidome_ip_starlight_7000Match-
Node
boschdinion_ip_thermal_9000_rm_firmwareMatchcpp7
boschdinion_ip_thermal_9000_rmMatch-
Node
boschaviotec_ip_starlight_8000_firmwareMatchcpp6
boschaviotec_ip_starlight_8000Match-
Node
boschdinion_ip_starlight_8000_firmwareMatchcpp6
boschdinion_ip_starlight_8000Match-
Node
boschdinion_ip_ultra_8000_firmwareMatchcpp6
boschdinion_ip_ultra_8000Match-
Node
boschflexidome_ip_panoramic_6000_firmwareMatchcpp6
boschflexidome_ip_panoramic_6000Match-
Node
boschflexidome_ip_panoramic_7000_firmwareMatchcpp6
boschflexidome_ip_panoramic_7000Match-
Node
boschautodome_ip_4000_hd_firmwareMatchcpp4
boschautodome_ip_4000_hdMatch-
Node
boschautodome_ip_5000_hd_firmwareMatchcpp4
boschautodome_ip_5000_hdMatch-
Node
boschautodome_ip_5000_ir_firmwareMatchcpp4
boschautodome_ip_5000_irMatch-
Node
boschautodome_7000_firmwareMatchcpp4
boschautodome_7000Match-
Node
boschdinion_hd_1080p_firmwareMatchcpp4
boschdinion_hd_1080pMatch-
Node
boschdinion_hd_1080p_hdr_firmwareMatchcpp4
boschdinion_hd_1080p_hdrMatch-
Node
boschdinion_hd_720p_firmwareMatchcpp4
boschdinion_hd_720pMatch-
Node
boschdinion_imager_9000_hd_firmwareMatchcpp4
boschdinion_imager_9000_hdMatch-
Node
boschdinion_ip_bullet_4000_firmwareMatchcpp4
boschdinion_ip_bullet_4000Match-
Node
boschdinion_ip_bullet_5000_firmwareMatchcpp4
boschdinion_ip_bullet_5000Match-
Node
boschdinion_ip_4000_hd_firmwareMatchcpp4
boschdinion_ip_4000_hdMatch-
Node
boschdinion_ip_5000_hd_firmwareMatchcpp4
boschdinion_ip_5000_hdMatch-
Node
boschdinion_ip_5000_mp_firmwareMatchcpp4
boschdinion_ip_5000_mpMatch-
Node
boschdinion_ip_starlight_7000_hd_firmwareMatchcpp4
boschdinion_ip_starlight_7000_hdMatch-
Node
boschflexidome_corner_9000_mp_firmwareMatchcpp4
boschflexidome_corner_9000_mpMatch-
Node
boschflexidome_hd_1080p_firmwareMatchcpp4
boschflexidome_hd_1080pMatch-
Node
boschflexidome_hd_1080p_hdr_firmwareMatchcpp4
boschflexidome_hd_1080p_hdrMatch-
Node
boschflexidome_hd_720p_firmwareMatchcpp4
boschflexidome_hd_720pMatch-
Node
boschvandal-proof_flexidome_hd_1080p_firmwareMatchcpp4
boschvandal-proof_flexidome_hd_1080pMatch-
Node
boschvandal-proof_flexidome_hd_1080p_hdr_firmwareMatchcpp4
boschvandal-proof_flexidome_hd_1080p_hdrMatch-
Node
boschvandal-proof_flexidome_hd_720p_firmwareMatchcpp4
boschvandal-proof_flexidome_hd_720pMatch-
Node
boschflexidome_ip_micro_2000_hd_firmwareMatchcpp4
boschflexidome_ip_micro_2000_hdMatch-
Node
boschflexidome_ip_micro_2000_ip_firmwareMatchcpp4
boschflexidome_ip_micro_2000_ipMatch-
Node
boschflexidome_ip_indoor_4000_hd_firmwareMatchcpp4
boschflexidome_ip_indoor_4000_hdMatch-
Node
boschflexidome_ip_indoor_4000_ir_firmwareMatchcpp4
boschflexidome_ip_indoor_4000_irMatch-
Node
boschflexidome_ip_outdoor_4000_hd_firmwareMatchcpp4
boschflexidome_ip_outdoor_4000_hdMatch-
Node
boschflexidome_ip_outdoor_4000_ir_firmwareMatchcpp4
boschflexidome_ip_outdoor_4000_irMatch-
Node
boschflexidome_ip_indoor_5000_hd_firmwareMatchcpp4
boschflexidome_ip_indoor_5000_hdMatch-
Node
boschflexidome_ip_indoor_5000_mp_firmwareMatchcpp4
boschflexidome_ip_indoor_5000_mpMatch-
Node
boschflexidome_ip_micro_5000_mp_firmwareMatchcpp4
boschflexidome_ip_micro_5000_mpMatch-
Node
boschflexidome_ip_outdoor_5000_hd_firmwareMatchcpp4
boschflexidome_ip_outdoor_5000_hdMatch-
Node
boschflexidome_ip_outdoor_5000_mp_firmwareMatchcpp4
boschflexidome_ip_outdoor_5000_mpMatch-
Node
boschflexidome_ip_panoramic_5000_firmwareMatchcpp4
boschflexidome_ip_panoramic_5000Match-
Node
boschip_bullet_4000_hd_firmwareMatchcpp4
boschip_bullet_4000_hdMatch-
Node
boschip_bullet_5000_hd_firmwareMatchcpp4
boschip_bullet_5000_hdMatch-
Node
boschip_micro_2000_firmwareMatchcpp4
boschip_micro_2000Match-
Node
boschip_micro_2000_hd_firmwareMatchcpp4
boschip_micro_2000_hdMatch-
Node
boschmic_ip_dynamic_7000_firmwareMatchcpp4
boschmic_ip_dynamic_7000Match-
Node
boschmic_ip_starlight_7000_firmwareMatchcpp4
boschmic_ip_starlight_7000Match-
Node
boschtinyon_ip_2000_firmwareMatchcpp4
boschtinyon_ip_2000Match-
| CPE | Name | Operator | Version |
|---|---|---|---|
| bosch:autodome_ip_4000i_firmware | bosch autodome ip 4000i firmware | eq | cpp7.3 |
CNA Affected
[
{
"platforms": [
"CPP4, CPP6, CPP7, CPP7.3"
],
"product": "CPP Firmware",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
]Related
cvelist
cvelist
prion
prion
Buffer overflow
2022-03-30 16:15:00
nessus
nessus
nvd
nvd
CVE-2021-23850
2022-03-30 16:15:08
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.5 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
53.7%
Related for CVE-2021-23850