Authentication flaw

Missing Authentication for Critical Function in the Bosch Video Streaming Gateway VSG allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded...

CVE-2020-6769 Missing Authentication for Critical Function in Bosch Video Streaming Gateway

Missing Authentication for Critical Function in the Bosch Video Streaming Gateway VSG allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded...

CVE-2019-6957

A recently discovered security vulnerability affects all Bosch Video Management System BVMS versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager VRM, Video Streaming Gateway VSG, Configuration Manager, Building Integration System BIS with Video Engine, Access...

CVE-2019-8952

A Path Traversal vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially allows a remote authorized user to access arbitrary files on the system via the network interface. Affected hardware products: Bosch DIVAR IP 2000 vulnerable...

CVE-2019-8951

An Open Redirect vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially allows a remote attacker to redirect users to an arbitrary URL. Affected hardware products: Bosch DIVAR IP 2000 vulnerable versions: 3.10; 3.20; 3.21; 3.50;...