CVE-2018-19036

An issue was discovered in several Bosch IP cameras for firmware versions 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:bosch:common_product_platform_4_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:bosch:autodome_ip_4000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:autodome_ip_5000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:autodome_ip_5000_ir:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:autodome_ip_7000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_hd_1080p:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_hd_1080p_hdr:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_hd_720p:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_imager_9000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_4000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_5000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_5000_mp:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_bullet_4000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_bullet_5000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_starlight_7000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:extegra_ip_dynamic_9000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:extegra_ip_starlight_9000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_corner_9000_mp:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_hd_1080p:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_hd_1080p_hdr:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_hd_720p:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_indoor_4000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_indoor_4000_ir:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_indoor_5000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_indoor_5000_mp:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_micro_2000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_micro_2000_ip:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_micro_5000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_micro_5000_mp:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_outdoor_4000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_outdoor_4000_ir:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_outdoor_5000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_outdoor_5000_mp:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_panormic_5000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:ip_2000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:ip_2000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:ip_bullet_4000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:ip_bullet_5000_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:mic_ip_dynamic_7000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:mic_ip_starlight_7000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:tinyon_ip_2000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:vandal-proof_flexidome_hd_1080p:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:vandal-proof_flexidome_hd_1080p_hdr:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:vandal-proof_flexidome_hd_720p:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:bosch:common_product_platform_6_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:bosch:aviotec_ip_starlight_8000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_starlight_8000_12mp:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_ultra_8000_12mp:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_180:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_180_iva:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_360:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_360_iva:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_180:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_180_iva:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_360:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_360_iva:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:bosch:common_product_platform_7_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:bosch:dinion_ip_starlight_6000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_starlight_7000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_thermal_8000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_starlight_6000:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_starlight_7000:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:bosch:common_product_platform_7.3_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:bosch:autodome_ip_4000i:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:autodome_ip_5000i:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:autodome_ip_starlight_5000i:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:autodome_ip_starlight_7000i:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_bullet_4000i:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_bullet_5000i:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:dinion_ip_bullet_6000i:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_4000i:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:flexidome_ip_5000i:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:mic_ip_fusion_9000i:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:mic_ip_starlight_7000i:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:57

Type Values Removed Values Added
References () https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2018-1202-bt-cve-2018-19036_security_advisory_ip_camera_vulnerability.pdf - Mitigation, Patch, Vendor Advisory () https://media.boschsecurity.com/fs/media/pb/security_advisories/bosch-2018-1202-bt-cve-2018-19036_security_advisory_ip_camera_vulnerability.pdf - Mitigation, Patch, Vendor Advisory

Information

Published : 2018-12-17 19:29

Updated : 2024-11-21 03:57


NVD link : CVE-2018-19036

Mitre link : CVE-2018-19036

CVE.ORG link : CVE-2018-19036


JSON object : View

Products Affected

bosch

  • flexidome_ip_4000i
  • common_product_platform_7.3_firmware
  • flexidome_ip_panoramic_6000_12mp_360
  • extegra_ip_dynamic_9000
  • flexidome_ip_outdoor_4000_hd
  • autodome_ip_5000_hd
  • autodome_ip_4000i
  • dinion_ip_starlight_6000
  • ip_bullet_4000_hd
  • dinion_ip_starlight_8000_12mp
  • vandal-proof_flexidome_hd_720p
  • flexidome_corner_9000_mp
  • common_product_platform_6_firmware
  • dinion_hd_1080p_hdr
  • dinion_ip_ultra_8000_12mp
  • flexidome_ip_panoramic_7000_12mp_180_iva
  • dinion_imager_9000_hd
  • flexidome_ip_outdoor_5000_hd
  • mic_ip_dynamic_7000
  • dinion_ip_4000_hd
  • flexidome_ip_panoramic_7000_12mp_360_iva
  • dinion_ip_thermal_8000
  • flexidome_ip_starlight_7000
  • flexidome_ip_5000i
  • mic_ip_fusion_9000i
  • common_product_platform_7_firmware
  • dinion_ip_bullet_5000i
  • autodome_ip_4000_hd
  • autodome_ip_7000
  • autodome_ip_5000i
  • ip_bullet_5000_hd
  • flexidome_ip_indoor_5000_mp
  • flexidome_ip_micro_2000_ip
  • flexidome_ip_outdoor_4000_ir
  • flexidome_ip_micro_5000_mp
  • flexidome_ip_panoramic_6000_12mp_360_iva
  • mic_ip_starlight_7000
  • dinion_ip_bullet_5000
  • dinion_ip_bullet_4000i
  • mic_ip_starlight_7000i
  • dinion_hd_1080p
  • dinion_ip_5000_hd
  • extegra_ip_starlight_9000
  • flexidome_ip_micro_5000_hd
  • common_product_platform_4_firmware
  • flexidome_ip_micro_2000_hd
  • ip_2000
  • ip_2000_hd
  • aviotec_ip_starlight_8000
  • flexidome_ip_panoramic_6000_12mp_180
  • flexidome_ip_indoor_4000_ir
  • flexidome_ip_outdoor_5000_mp
  • flexidome_ip_panoramic_6000_12mp_180_iva
  • flexidome_ip_panoramic_7000_12mp_180
  • autodome_ip_starlight_5000i
  • dinion_ip_bullet_4000
  • autodome_ip_5000_ir
  • flexidome_hd_720p
  • flexidome_ip_panoramic_7000_12mp_360
  • flexidome_ip_panormic_5000
  • flexidome_hd_1080p_hdr
  • flexidome_ip_indoor_4000_hd
  • tinyon_ip_2000
  • flexidome_ip_indoor_5000_hd
  • dinion_ip_starlight_7000
  • dinion_ip_starlight_7000_hd
  • flexidome_ip_starlight_6000
  • autodome_ip_starlight_7000i
  • vandal-proof_flexidome_hd_1080p
  • flexidome_hd_1080p
  • dinion_ip_bullet_6000i
  • dinion_hd_720p
  • dinion_ip_5000_mp
  • vandal-proof_flexidome_hd_1080p_hdr
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer