Bosch Video Recording Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Bosch Video Recording Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2019-11684 — CVSS 9.9 (critical): Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access…
CVE-2019-6957 — CVSS 9.8 (critical): A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000…
CVE-2021-23859 — CVSS 9.1 (critical): An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS…
CVE-2020-6786 — CVSS 7.8 (high): Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version…
CVE-2023-32230 — CVSS 7.5 (high): An improper handling of a malformed API request to an API server in Bosch BT software products can allow an unauthenticated attacker to…
CVE-2021-23862 — CVSS 7.2 (high): A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context…
CVE-2019-8952 — CVSS 6.5 (medium): A Path Traversal vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially…
CVE-2021-23861 — CVSS 6.5 (medium): By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an…
CVE-2019-8951 — CVSS 6.1 (medium): An Open Redirect vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially…
CVE-2021-23860 — CVSS 5.0 (medium): An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this…