CVE-2021-23862
CVE-2021-23862 describes an authenticated command-injection flaw: a crafted configuration packet sent by an authenticated administrative user can execute arbitrary commands in the system context. Affected products include Bosch VRM, DIVAR IP, BVMS with VRM installed, and the VIDEOJET decoder (VJD...