Cpp6 Firmware Security Vulnerabilities and Issues — Cpp6 Firmware CVE List

BoschCpp6 Firmware

7 matches found

CVE•added 2023/12/18 1:2 p.m.•62 views

CVE-2022-41677

CVE-2022-41677 affects Bosch IP camera devices. Concrete affected models/versions surfaced in external sources: Bosch CPP14 (firmware ≤ 8.80), CPP13 (≤ 8.48), CPP7.3 (≤ 7.86), and others. The issue is an information-disclosure vulnerability allowing an unauthenticated attacker to retrieve device ...

5.3CVSS5.2AI score0.00498EPSS

CVE•added 2021/06/09 2:19 p.m.•51 views

CVE-2021-23847

Summary: CVE-2021-23847 describes an unauthenticated information-extraction/settings-change flaw in Bosch IP cameras (CPP6, CPP7, CPP7.3) before firmware B128, on versions 7.70, 7.72, and 7.80. The root cause is a Missing Authentication in a Critical Function, allowing a remote attacker to craft ...

9.8CVSS9.2AI score0.01433EPSS

CVE•added 2021/08/05 7:23 p.m.•50 views

CVE-2021-23849

CVE-2021-23849 concerns Bosch IP cameras with a web-based management interface. The vulnerability is CSRF: an unauthenticated attacker can induce actions on behalf of a logged-in user by convincing them to click a malicious link or visit a malicious site, while the victim is authenticated to the ...

8.8CVSS8.1AI score0.00483EPSS

CVE•added 2021/06/09 2:20 p.m.•41 views

CVE-2021-23854

CVE-2021-23854 affects Bosch IP cameras’ web interface due to an error in handling the page parameter, enabling a reflected XSS in versions 7.7x and 7.6x. The issue is limited to these versions; other versions are not affected. The CVSS/metrics show a medium to high impact depending on scenario; ...

8.3CVSS6.4AI score0.00554EPSS

CVE•added 2021/06/09 2:18 p.m.•40 views

CVE-2021-23852

CVE-2021-23852 concerns Bosch IP cameras. An authenticated administrator could call a URL with an invalid parameter, causing the camera to become unresponsive for a few seconds and trigger DoS. The vulnerability is documented across multiple sources (NVD entry, CNVD, CVE listing). No exploitation...

4.9CVSS5AI score0.00825EPSS

CVE•added 2021/06/09 2:19 p.m.•40 views

CVE-2021-23853

CVE-2021-23853 affects Bosch IP cameras, where improper validation of HTTP headers in crafted URLs allows an attacker to inject arbitrary headers. The vulnerability is documented across multiple feeds (NVD entry and vendor ecosystem). Reported impact includes high confidentiality, integrity, and ...

9.8CVSS9.1AI score0.00856EPSS

CVE•added 2021/06/09 2:18 p.m.•39 views

CVE-2021-23848

CVE-2021-23848 describes a reflected XSS against the Bosch IP cameras web UI. The issue arises from the URL handling in the camera’s web interface, where an attacker who knows the camera address can send a crafted link that causes the victim’s browser to execute JavaScript in the user’s context. ...

8.3CVSS6.3AI score0.00554EPSS