CVE-2022-36302
CVE-2022-36302
In short
A flaw in BF-OS (versions 3.00–3.83) allows attackers to manipulate file paths to access files and folders they shouldn't reach, potentially exposing sensitive information stored on the system.
Technical detail
CWE-641 file path manipulation vulnerability enables an attacker to craft malicious file path inputs that bypass access restrictions in BF-OS 3.00 through 3.83, gaining unauthorized access to sensitive resources. The vulnerability requires no authentication or special privileges and can lead to information disclosure of protected data.
Summary generated and translated by AI from the official description.
File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file path to access different resources, which may contain sensitive information.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Bosch · BF-OSWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →