← voltar
CVE-2021-23845

B426 Web Configuration Authentication Bypass

CVSS 8 HIGHEPSS 0.8%CWE-284
This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. This vulnerability was discovered by a security researcher in B426 and found during internal product tests in B426-CN/B429-CN, and B426-M and has been fixed already starting from version 3.08 on, which was released on June 2019.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Produtos afetados
Bosch · B426-CN/B429- CN FirmwareBosch · B426 FirmwareBosch · B426-M Firmware

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://psirt.bosch.com/security-advisories/bosch-sa-196933-bt.html