CVSS: 7.2EPSS: 0%CPEs: 138EXPL: 0CVE-2021-23851 – Buffer Overflow vulnerability in the recovery image web-based interface
https://notcve.org/view.php?id=CVE-2021-23851
30 Mar 2022 — A specially crafted TCP/IP packet may cause the camera recovery image web interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware. Un paquete TCP/IP especialmente diseñado puede causar el bloqueo de la interfaz web de la imagen de recuperación de la cámara. También puede causar un desbordamiento ... • https://psirt.bosch.com/security-advisories/bosch-sa-446276-bt.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 7.2EPSS: 0%CPEs: 138EXPL: 0CVE-2021-23850 – Buffer Overflow vulnerability in the recovery image telnet server
https://notcve.org/view.php?id=CVE-2021-23850
30 Mar 2022 — A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware. Un paquete TCP/IP especialmente diseñado puede causar el bloqueo de la interfaz telnet de la imagen de recuperación de la cámara. También puede causar un desbordamie... • https://psirt.bosch.com/security-advisories/bosch-sa-446276-bt.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 0CVE-2018-19036
https://notcve.org/view.php?id=CVE-2018-19036
17 Dec 2018 — An issue was discovered in several Bosch IP cameras for firmware versions 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface. Se ha descubierto un problema en varias cámaras IP de Bosch para versiones de firmware 6.32 y superiores. Un cliente malicioso podría tener éxito a la hora de ejecutar de forma no autorizada código en el dispositivo mediante la interfaz de red. • https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2018-1202-bt-cve-2018-19036_security_advisory_ip_camera_vulnerability.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •