Note:
This project will be discontinued after December 13, 2021. [more]
Product:
B426_firmware
(Bosch)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-06-18 | CVE-2021-23845 | This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. This vulnerability was discovered by a security researcher in B426 and found during internal product tests in B426-CN/B429-CN, and B426-M and has been fixed already starting from version 3.08 on, which was released on June 2019. | B426\-Cn_firmware, B426\-M_firmware, B426_firmware, B429\-Cn_firmware | 8.8 | ||
| 2021-06-18 | CVE-2021-23846 | When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021. | B426_firmware | 5.9 |