Unrated severityNVD Advisory· Published Jan 10, 2024· Updated Jun 17, 2025
CVE-2023-48248
CVE-2023-48248
Description
The vulnerability allows an authenticated remote attacker to upload a malicious file to the SD card containing arbitrary client-side script code and obtain its execution inside a victim’s session via a crafted URL, HTTP request, or simply by waiting for the victim to view the poisoned file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3NEXO-OS V1000-Release+ 1 more
- (no CPE)range: NEXO-OS V1000-Release
- (no CPE)range: NEXO-OS V1000-Release
- Range: NEXO-OS V1000-Release
Patches
Vulnerability mechanics
References
1- psirt.bosch.com/security-advisories/BOSCH-SA-711465.htmlmitrevendor-advisory
News mentions
0No linked articles in our index yet.