Improper Input Validation of HTTP Headers
CVE-2021-23853

8.3HIGH

Key Information:

Vendor

Bosch
Status
Cpp Firmware
Vendor
CVE Published:
9 June 2021

What is CVE-2021-23853?

In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs.

Affected Version(s)

CPP Firmware CPP4, CPP6, CPP7, CPP7.3, CPP13 all

References

https://psirt.bosch.com/security-advisories/bosch-sa-4782...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.