FKIE_CVE-2023-48243

Vulnerability from fkie_nvd - Published: 2024-01-10 11:15 - Updated: 2024-11-21 08:31
Summary
The vulnerability allows a remote attacker to upload arbitrary files in all paths of the system under the context of the application OS user (“root”) via a crafted HTTP request. By abusing this vulnerability, it is possible to obtain remote code execution (RCE) with root privileges on the device.

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8",
              "versionEndIncluding": "1500-sp2",
              "versionStartIncluding": "1000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The vulnerability allows a remote attacker to upload arbitrary files in all paths of the system under the context of the application OS user (\u201croot\u201d) via a crafted HTTP request.\r\nBy abusing this vulnerability, it is possible to obtain remote code execution (RCE) with root privileges on the device."
    },
    {
      "lang": "es",
      "value": "La vulnerabilidad permite a un atacante remoto cargar archivos arbitrarios en todas las rutas del sistema en el contexto del usuario del sistema operativo de la aplicaci\u00f3n (\"root\") a trav\u00e9s de una solicitud HTTP manipulada. Al abusar de esta vulnerabilidad, es posible obtener ejecuci\u00f3n remota de c\u00f3digo (RCE) con privilegios de root en el dispositivo."
    }
  ],
  "id": "CVE-2023-48243",
  "lastModified": "2024-11-21T08:31:17.553",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "psirt@bosch.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-01-10T11:15:08.777",
  "references": [
    {
      "source": "psirt@bosch.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html"
    }
  ],
  "sourceIdentifier": "psirt@bosch.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "psirt@bosch.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

