Bosch ctrlX OS Web Application Vulnerability Allowing Remote Unauthenticated Attacks
Vulnerability
A vulnerability in the web application of Bosch ctrlX OS allows remote unauthenticated attackers to conduct various attacks against users of the vulnerable system by sending crafted HTTP requests. These attacks include web cache poisoning and Man-in-the-Middle (MitM) attacks.
Impact
Exploitation of this vulnerability could lead to web cache poisoning or Man-in-the-Middle attacks, where an attacker could intercept and potentially alter communications between users and the vulnerable system.
Remediation
Users are strongly recommended to update to the latest versions of the affected components. The update may require a reboot of the device, temporarily making it unavailable. To verify that the updated versions are installed, check the version using the device's package management system.
