Bosch Pra-Es8P2S vulnerabilities
3 known vulnerabilities affecting bosch/pra-es8p2s.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2022-32534P2CRITICALCVSS 9.8≥ unspecified, ≤ 1.01.052022-06-23
CVE-2022-32534 [CRITICAL] CWE-20 CVE-2022-32534: The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulne
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.
nvd
CVE-2022-32535P2CRITICALCVSS 9.8≥ unspecified, ≤ 1.01.052022-06-23
CVE-2022-32535 [CRITICAL] CWE-250 CVE-2022-32535: The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root pri
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch.
nvd
CVE-2022-32536P3HIGHCVSS 8.8≥ unspecified, ≤ 1.01.052022-06-23
CVE-2022-32536 [HIGH] CWE-269 CVE-2022-32536: The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with sof
The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights.
nvd