Skip to main content

Divar Ip 7000 R2 Firmware

2 CVEs product

Monthly

CVE-2023-35867 MEDIUM This Month

An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Building Integration System Video Engine Bosch Video Management System Video Management System Viewer Configuration Manager +10
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2023-28175 HIGH This Week

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Video Management System Video Management System Viewer Divar Ip 3000 Firmware Divar Ip 6000 Firmware +5
NVD
CVSS 3.1
7.7
EPSS
0.5%
EPSS 1% CVSS 5.9
MEDIUM This Month

An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Building Integration System Video Engine Bosch Video Management System +12
NVD
EPSS 0% CVSS 7.7
HIGH This Week

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Video Management System Video Management System Viewer +7
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy