The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.
References
Link | Resource |
---|---|
https://psirt.bosch.com/security-advisories/BOSCH-SA-247052-BT.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
29 Jun 2023, 14:24
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-78 |
Information
Published : 2022-06-23 17:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-32534
Mitre link : CVE-2022-32534
CVE.ORG link : CVE-2022-32534
JSON object : View
Products Affected
bosch
- pra-es8p2s_firmware
- pra-es8p2s