Skip to main content

Video Management System

8 CVEs product

Monthly

CVE-2023-34656 HIGH POC This Week

An issue was discovered with the JSESSION IDs in Xiamen Si Xin Communication Technology Video management system 3.1 thru 4.1 allows attackers to gain escalated privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Session Fixation Video Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-28175 HIGH This Week

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Video Management System Video Management System Viewer Divar Ip 3000 Firmware Divar Ip 6000 Firmware +5
NVD
CVSS 3.1
7.7
EPSS
0.5%
CVE-2021-42261 HIGH This Week

Revisor Video Management System (VMS) before 2.0.0 has a directory traversal vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Video Management System
NVD GitHub
CVSS 3.1
7.5
EPSS
2.2%
CVE-2020-6768 HIGH PATCH This Week

A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal Video Management System Viewer Video Management System
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-6767 MEDIUM PATCH This Month

A path traversal vulnerability in the Bosch Video Management System (BVMS) FileTransferService allows an authenticated remote attacker to read arbitrary files from the Central Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Video Management System Viewer Video Management System
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2019-8952 MEDIUM This Month

A Path Traversal vulnerability located in the webserver affects several Bosch hardware and software products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Divar Ip 2000 Firmware Divar Ip 5000 Firmware Video Management System Video Recording Manager
NVD
CVSS 3.0
6.5
EPSS
1.4%
CVE-2019-8951 MEDIUM This Month

An Open Redirect vulnerability located in the webserver affects several Bosch hardware and software products. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Divar Ip 2000 Firmware Divar Ip 5000 Firmware Video Management System Video Recording Manager
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2017-15290 HIGH This Week

Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before 7.5.15, and 8.x before 8.1.1 has a login process in which cleartext data is sent from a server to a client, and not all of this data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Video Management System
NVD
CVSS 3.0
7.5
EPSS
0.1%
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue was discovered with the JSESSION IDs in Xiamen Si Xin Communication Technology Video management system 3.1 thru 4.1 allows attackers to gain escalated privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Session Fixation Video Management System
NVD GitHub
EPSS 0% CVSS 7.7
HIGH This Week

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Video Management System Video Management System Viewer +7
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Revisor Video Management System (VMS) before 2.0.0 has a directory traversal vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Video Management System
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal Video Management System Viewer Video Management System
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A path traversal vulnerability in the Bosch Video Management System (BVMS) FileTransferService allows an authenticated remote attacker to read arbitrary files from the Central Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Video Management System Viewer Video Management System
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A Path Traversal vulnerability located in the webserver affects several Bosch hardware and software products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Divar Ip 2000 Firmware Divar Ip 5000 Firmware +2
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

An Open Redirect vulnerability located in the webserver affects several Bosch hardware and software products. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Divar Ip 2000 Firmware Divar Ip 5000 Firmware +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before 7.5.15, and 8.x before 8.1.1 has a login process in which cleartext data is sent from a server to a client, and not all of this data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Video Management System
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy