Bosch: >> Video Streaming Gateway >> 6.45.10 Security Vulnerabilities
An improper handling of a malformed API request to an API server in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-12-18
Calling an executable through an Uncontrolled Search Path Element in the Bosch Video Streaming Gateway installer up to and including version 6.45.10 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious exe in the same directory where the installer is started from.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-03-25