Filtered by vendor Bosch
Subscriptions
Filtered by product Ctrlx Os
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-48861 | 1 Bosch | 1 Ctrlx Os | 2025-08-16 | 5.3 Medium |
| A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps. | ||||
| CVE-2025-48862 | 1 Bosch | 1 Ctrlx Os | 2025-08-16 | 7.1 High |
| Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if available in the backup - is encrypted, while the backup file itself remains unencrypted. | ||||
| CVE-2025-48860 | 1 Bosch | 1 Ctrlx Os | 2025-08-16 | 8 High |
| A vulnerability in the web application of the ctrlX OS setup mechanism facilitated an authenticated (low privileged) attacker to gain remote access to backup archives created by a user with elevated permissions. Depending on the content of the backup archive, the attacker may have been able to access sensitive data. | ||||
Page 1 of 1.