An issue was discovered in several Bosch Smart Home cameras (360 degree indoor camera and Eyes outdoor camera) with firmware before 6.52.4. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface, because there is a buffer overflow in the RCP+ parser of the web server.
References
Link | Resource |
---|---|
https://psirt.bosch.com/Advisory/BOSCH-2018-1203.html | Mitigation Vendor Advisory |
https://psirt.bosch.com/Advisory/BOSCH-2018-1203.html | Mitigation Vendor Advisory |
Configurations
History
21 Nov 2024, 04:01
Type | Values Removed | Values Added |
---|---|---|
References | () https://psirt.bosch.com/Advisory/BOSCH-2018-1203.html - Mitigation, Vendor Advisory |
09 Sep 2021, 13:15
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:bosch:eyes_outdoor_camera_firmware:*:*:*:*:*:*:*:* |
13 Aug 2021, 13:46
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:bosch:eyes_outdoor_camera:-:*:*:*:*:*:*:* |
Information
Published : 2018-12-19 22:29
Updated : 2024-11-21 04:01
NVD link : CVE-2018-20299
Mitre link : CVE-2018-20299
CVE.ORG link : CVE-2018-20299
JSON object : View
Products Affected
bosch
- 360-indoor_camera_firmware
- 360-indoor_camera
- eyes_outdoor_camera_firmware
- eyes_outdoor_camera
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer