CVE-2023-48245

Name of the Vulnerable Software and Affected Versions NEXO-OS (affected versions not specified)

Description The issue allows an unauthenticated remote attacker to upload arbitrary files under the context of the application OS user (“root”) via a crafted HTTP request. This is related to weaknesses in the authorization procedure of the NEXO-OS system used in Bosch Nexo cordless nutrunner and Bosch Nexo special cordless nutrunner tools for production line assembly work.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.