Vulnerabilities (CVE)

Filtered by vendor Bosch Subscribe
Filtered by product Pra-es8p2s
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-32536 1 Bosch 2 Pra-es8p2s, Pra-es8p2s Firmware 2024-11-21 9.0 HIGH 8.8 HIGH
The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights.
CVE-2022-32535 1 Bosch 2 Pra-es8p2s, Pra-es8p2s Firmware 2024-11-21 10.0 HIGH 4.8 MEDIUM
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch.
CVE-2022-32534 1 Bosch 2 Pra-es8p2s, Pra-es8p2s Firmware 2024-11-21 10.0 HIGH 8.8 HIGH
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.