Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Pra\-Es8p2s_firmware
(Bosch)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-06-23 | CVE-2022-32534 | The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands. | Pra\-Es8p2s_firmware | 9.8 | ||
| 2022-06-23 | CVE-2022-32535 | The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch. | Pra\-Es8p2s_firmware | 9.8 | ||
| 2022-06-23 | CVE-2022-32536 | The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights. | Pra\-Es8p2s_firmware | 8.8 |