PRA-ES8P2S
by Bosch
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-32536 | 0.00 | — | 0.01 | Jun 22, 2022 | The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights. | |||
| CVE-2022-32534 | 0.00 | — | 0.02 | Jun 22, 2022 | The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands. | |||
| CVE-2022-32535 | 0.00 | — | 0.01 | Jun 22, 2022 | The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch. |
- CVE-2022-32536Jun 22, 2022risk 0.00cvss —epss 0.01
The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights.
- CVE-2022-32534Jun 22, 2022risk 0.00cvss —epss 0.02
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.
- CVE-2022-32535Jun 22, 2022risk 0.00cvss —epss 0.01
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch.