Bitdefender Box Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Bitdefender Box Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-13871 — CVSS 8.8 (high): A command injection vulnerability exists in the /check_image_and_trigger_recovery API endpoint of Bitdefender Box 1 (firmware version…
CVE-2019-12612 — CVSS 7.8 (high): An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that allows an attacker to pass arbitrary code to the BOX…
CVE-2024-13872 — CVSS 7.5 (high): Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to download assets over the Internet to update and…
CVE-2024-13870 — CVSS 5.7 (medium): An improper access control vulnerability exists in Bitdefender Box 1 (firmware version 1.3.52.928 and below) that allows an unauthenticated…
CVE-2019-12611 — CVSS 4.4 (medium): An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that affects the general reliability of the product…