VYPR

PRA-ES8P2S

by Bosch

CVEs (3)

  • CVE-2022-32536Jun 22, 2022
    risk 0.00cvss epss 0.01

    The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights.

  • CVE-2022-32534Jun 22, 2022
    risk 0.00cvss epss 0.02

    The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.

  • CVE-2022-32535Jun 22, 2022
    risk 0.00cvss epss 0.01

    The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch.