CVE-2021-23854

Summary

An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. This issue only affects versions 7.7x and 7.6x. All other versions are not affected.

Affected Software

VendorProductVersion RangeStatus
BoschCPP Firmware7.70affected
BoschCPP Firmware7.72affected
BoschCPP Firmware7.62affected
BoschCPP Firmware7.75affected
BoschCPP Firmware7.76affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

References