2 matches found
CVE-2023-48243
The vulnerability allows a remote attacker to upload arbitrary files in all paths of the system under the context of the application OS user “root” via a crafted HTTP request. By abusing this vulnerability, it is possible to obtain remote code execution RCE with root privileges on the device...
CVE-2023-48243
The CVE-2023-48243 entry concerns Bosch Nexo cordless nutrunner devices (Nexo-OS). A remote attacker can upload arbitrary files to any path under the application OS user (root) through a crafted HTTP request, enabling remote code execution with root privileges on the device. Connected sources cor...