Known Vulnerabilities for products from Bose
Listed below are 5 of the newest known vulnerabilities associated with the vendor "Bose".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Bose can be found at device.report : Bose
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2018-12638 json | An issue was discovered in the Bose Soundtouch app 18.1.4 for iOS. There is no frontend input validation of the device name. ... | 6.1 - MEDIUM | 2019-03-21 | 2019-03-21 |
| CVE-2017-17751 json | Bose SoundTouch devices allows remote attackers to achieve remote control via a crafted web site that uses the WebSocket Prot... | 8.8 - HIGH | 2018-03-24 | 2019-10-03 |
| CVE-2017-17750 json | Bose SoundTouch devices allow XSS via a crafted public playlist from Spotify. | 5.4 - MEDIUM | 2018-03-24 | 2018-04-19 |
| CVE-2017-17749 json | Bose SoundTouch devices allow XSS via crafted song data from a music service, as demonstrated by Pandora. | 5.4 - MEDIUM | 2018-03-24 | 2018-04-19 |
| CVE-2017-6520 json | The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 inadvertently responds to IPv4 unicast queries with source addr... | Not Provided | 2017-05-01 | 2025-04-20 |
Known software with vulnerabilities from Bose
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Bose | Soundtouch | - |
| Hardware | Bose | Soundtouch 30 | - |