CVE-2021-23849
7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based interface allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (CSRF - Cross Site Request Forgery). This requires the victim to be tricked into clicking a malicious link or opening a malicious website while being logged in into the camera.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Bosch | CPP Firmware | all | affected |
Weaknesses
- CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.