4 matches found
CVE-2019-11897
The CVE-2019-11897 issue is a Server-Side Request Forgery (SSRF) in the backup & restore functionality of older ProSyst mBS SDK releases (before 8.2.6) and Bosch IoT Gateway Software (before 9.3.0). The vulnerability allows a remote attacker to forge GET requests to arbitrary URLs, potentially en...
CVE-2019-11603
CVE-2019-11603 describes an HTTP path traversal in ProSyst mBS SDK prior to 8.2.6 and Bosch IoT Gateway Software prior to 9.0.2, enabling remote attackers to read files outside the HTTP root. Affected components: ProSyst mBS SDK <8.2.6 and Bosch IoT Gateway Software
CVE-2019-11602
This CVE affects older releases of ProSyst mBS SDK and Bosch IoT Gateway Software, where remote access to backup and restore leaks stack traces that reveal filesystem structure. Affected components are the backup/restore functionality in ProSyst mBS SDK prior to 8.2.6 and Bosch IoT Gateway Softwa...
CVE-2019-11601
This CVE describes a directory traversal vulnerability in the remote access to the backup and restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software. Affected products and versions: ProSyst mBS SDK before 8.2.6; Bosch IoT Gateway Software before 9.2.0. Root cause, as stated in th...