3 results (0.008 seconds)

CVSS: 7.2EPSS: 0%CPEs: 138EXPL: 0

A specially crafted TCP/IP packet may cause the camera recovery image web interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware. Un paquete TCP/IP especialmente diseñado puede causar el bloqueo de la interfaz web de la imagen de recuperación de la cámara. También puede causar un desbordamiento del búfer que podría permitir una ejecución de código remota. • https://psirt.bosch.com/security-advisories/bosch-sa-446276-bt.html https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •

CVSS: 7.2EPSS: 0%CPEs: 138EXPL: 0

A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware. Un paquete TCP/IP especialmente diseñado puede causar el bloqueo de la interfaz telnet de la imagen de recuperación de la cámara. También puede causar un desbordamiento del búfer que podría permitir una ejecución de código remota. • https://psirt.bosch.com/security-advisories/bosch-sa-446276-bt.html https://psirt.bosch.com/security-advisories/bosch-sa-478243-bt.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •

CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 0

An issue was discovered in several Bosch IP cameras for firmware versions 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface. Se ha descubierto un problema en varias cámaras IP de Bosch para versiones de firmware 6.32 y superiores. Un cliente malicioso podría tener éxito a la hora de ejecutar de forma no autorizada código en el dispositivo mediante la interfaz de red. • https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2018-1202-bt-cve-2018-19036_security_advisory_ip_camera_vulnerability.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •