CVE-2019-11601 CRITICAL

CVE-2019-11601: Path traversal in the backup & restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software

Vendor N/A
Product n/a
Published August 21, 2019
Last update September 16, 2024

CVSS base score

9.1/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location.

Key dates

02Disclosure timeline

August 21, 2019 CVE published
September 16, 2024 Record updated