First published: Wed Jan 10 2024(Updated: )
The vulnerability allows an unauthenticated remote attacker to upload arbitrary files under the context of the application OS user (“root”) via a crafted HTTP request.
Credit: psirt@bosch.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Bosch Nexo-os | >=1000<=1500-sp2 | |
Any of | ||
Bosch Nexo Cordless Nutrunner Nxa011s-36v-b \(0608842012\) | ||
Bosch Nexo Cordless Nutrunner Nxa011s-36v \(0608842011\) | ||
Bosch Nexo Cordless Nutrunner Nxa015s-36v-b \(0608842006\) | ||
Bosch Nexo Cordless Nutrunner Nxa015s-36v \(0608842001\) | ||
Bosch Nexo Cordless Nutrunner Nxa030s-36v-b \(0608842007\) | ||
Bosch Nexo Cordless Nutrunner Nxa030s-36v \(0608842002\) | ||
Bosch Nexo Cordless Nutrunner Nxa050s-36v-b \(0608842008\) | ||
Bosch Nexo Cordless Nutrunner Nxa050s-36v \(0608842003\) | ||
Bosch Nexo Cordless Nutrunner Nxa065s-36v-b \(0608842014\) | ||
Bosch Nexo Cordless Nutrunner Nxa065s-36v \(0608842013\) | ||
Bosch Nexo Cordless Nutrunner Nxp012qd-36v-b \(0608842010\) | ||
Bosch Nexo Cordless Nutrunner Nxp012qd-36v \(0608842005\) | ||
Bosch Nexo Cordless Nutrunner Nxv012t-36v-b \(0608842016\) | ||
Bosch Nexo Cordless Nutrunner Nxv012t-36v \(0608842015\) | ||
Bosch Nexo Special Cordless Nutrunner \(0608pe2272\) | ||
Bosch Nexo Special Cordless Nutrunner \(0608pe2301\) | ||
Bosch Nexo Special Cordless Nutrunner \(0608pe2514\) | ||
Bosch Nexo Special Cordless Nutrunner \(0608pe2515\) | ||
Bosch Nexo Special Cordless Nutrunner \(0608pe2666\) | ||
Bosch Nexo Special Cordless Nutrunner \(0608pe2673\) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.