Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:NBosch Divar Ip 3000
HWBoschwszystkie wersjeBosch Divar Ip 3000 Firmware
OSBosch7.5 – 8.0Bosch Divar Ip 4000
HWBoschwszystkie wersjeBosch Divar Ip 4000 Firmware
OSBosch11.1.1Bosch Divar Ip 5000
HWBoschwszystkie wersjeBosch Divar Ip 5000 Firmware
OSBosch9.0 – 11.1.1Bosch Divar Ip 6000
HWBoschwszystkie wersjeBosch Divar Ip 6000 Firmware
OSBosch11.1.1Bosch Divar Ip 7000
HWBoschwszystkie wersjeBosch Divar Ip 7000 Firmware
OSBosch7.5 – 8.0Bosch Divar Ip 7000 R2
HWBoschwszystkie wersjeBosch Divar Ip 7000 R2 Firmware
OSBosch7.5 – 11.1.1Bosch Divar Ip 7000 R3
HWBoschwszystkie wersjeBosch Divar Ip 7000 R3 Firmware
OSBosch10.1.1 – 11.1.1Bosch Video Management System
APPBosch7.5 – 11.1.1Bosch Video Management System Viewer
APPBosch7.5 – 11.1.1
Related vulnerabilities
An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of...
Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitra...
Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthentica...
Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote...
A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary c...