Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path Traversal in Bosch Video Management System (BVMS)
Vulnerability Description
A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
多款Bosch产品路径遍历漏洞
Vulnerability Description
Bosch DIVAR IP 3000是德国博世(Bosch)公司的一款3000系列视频录像机。 Bosch BVMS和Bosch BVMS Viewer中NoTouch的部署存在路径遍历漏洞。远程攻击者可利用该漏洞读取Central Server的任意文件。以下产品及版本受到影响:Bosch BVMS 10.0版本至10.0.0.1225版本,9.0版本至9.0.0.827版本,8.0版本至8.0.329版本,7.5及之前版本(安装在Bosch DIVAR IP 3000,DIVAR IP 7000,D
CVSS Information
N/A
Vulnerability Type
N/A