Every CVE whose affected-product data names Bosch Cpp7.3 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2021-23847 — CVSS 9.8 (critical): A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive…
CVE-2021-23848 — CVSS 8.3 (high): An error in the URL handler Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. An attacker…
CVE-2021-23853 — CVSS 8.3 (high): In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs.
CVE-2021-23854 — CVSS 8.3 (high): An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based…
CVE-2021-23849 — CVSS 7.5 (high): A vulnerability in the web-based interface allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of…
CVE-2022-41677 — CVSS 5.3 (medium): An information disclosure vulnerability was discovered in Bosch IP camera devices allowing an unauthenticated attacker to retrieve…
CVE-2021-23852 — CVSS 4.9 (medium): An authenticated attacker with administrator rights Bosch IP cameras can call an URL with an invalid parameter that causes the camera to…