The vulnerability of the Ethernet switch Bosch PRA-ES8P2S web server allows attackers to increase their privileges.

The vulnerability of the Bosch PRA-ES8P2S Ethernet switch web server is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to escalate their privileges remotely...

The vulnerability of the microprogrammed Ethernet switch Bosch PRA-ES8P2S, related to deficiencies in access control, allows attackers to bypass existing security restrictions and elevate their privileges to the root level.

The vulnerability of the microprogrammed Ethernet switch Bosch PRA-ES8P2S is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and elevate their privileges to the root level...

The vulnerability in the web interface for diagnosing micro-program software in the Bosch PRA-ES8P2S Ethernet switch allows a hacker to execute arbitrary operating system commands.

The vulnerability of the web-based interface for diagnosing micro-programmed Ethernet switch software from Bosch, the PRA-ES8P2S, is related to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands using...

Bosch Ethernet switch PRA-ES8P2S Web service elevation of privilege vulnerability

Bosch Ethernet switch PRA-ES8P2S is a switch from Bosch, Germany.Bosch Ethernet switch PRA-ES8P2S Web service elevation of privilege vulnerability can be exploited by remote attackers to submit special requests that can elevate privileges to execute arbitrary commands in root context...

CVE-2022-32534

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands...

CVE-2022-32535

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch...

CVE-2022-32535

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch...

CVE-2022-32536

The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights...

CVE-2022-32536

The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights...

CVE-2022-32535

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch...

Bosch Ethernet switch PRA-ES8P2S 安全漏洞

Bosch Ethernet switch PRA-ES8P2S is a switch from Bosch, Germany. Bosch Ethernet switch PRA-ES8P2S has a security vulnerability in the user access rights checks, which can be exploited by remote attackers to submit special requests that can elevate privileges and gain administrator rights...

Bosch Ethernet switch PRA-ES8P2S 操作系统命令注入漏洞

Bosch Ethernet switch PRA-ES8P2S is a switch from Bosch, Germany. An operating system command injection vulnerability exists in Bosch Ethernet switch PRA-ES8P2S 1.01.05 and earlier software versions, which originates from an easy command injection via its web interface and can be exploited by an...

Bosch Ethernet switch PRA-ES8P2S 安全漏洞

Bosch Ethernet switch PRA-ES8P2S is a switch from Bosch, Germany.Bosch Ethernet switch PRA-ES8P2S Web service elevation of privilege vulnerability can be exploited by remote attackers to submit special requests that can elevate privileges to execute arbitrary commands in root context...

CVE-2022-32534

CVE-2022-32534 affects Bosch PRA-ES8P2S Ethernet switch (firmware 1.01.05 and earlier). The connected sources confirm a remote command-injection vulnerability in the diagnostics web interface caused by insufficient input validation, allowing an attacker to execute arbitrary OS commands via the we...

CVE-2022-32536

Technical details about CVE-2022-32536 are not publicly provided in the supplied documents. No specifics on affected components, root cause, or fixes are available here. Monitor for future updates from vendors and security advisories.

CVE-2022-32536 Privilege Escalation

The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights...

CVE-2022-32535

The CVE describes a privilege-escalation issue in Bosch’s PRA-ES8P2S Ethernet switch running web server on firmware 1.01.05, where the web server operates with root privileges. In combination with CVE-2022-23534, this could allow an attacker to gain root access to the device. Documents confirm af...

PT-2022-3473 · Bosch · Bosch Pra-Es8P2S

Name of the Vulnerable Software and Affected Versions: Bosch PRA-ES8P2S versions 1.01.05 and earlier Description: The issue is related to insufficient input validation in the diagnostics web interface of the Bosch PRA-ES8P2S Ethernet switch. This allows a remote attacker to execute arbitrary...