VYPR

B426 Firmware

by Bosch

CVEs (2)

  • CVE-2021-23846Jun 18, 2021
    risk 0.00cvss epss 0.01

    When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021.

  • CVE-2021-23845Jun 18, 2021
    risk 0.00cvss epss 0.01

    This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. This vulnerability was discovered by a security researcher in B426 and found during internal product tests in B426-CN/B429-CN, and B426-M and has been fixed…