BOSCH-SA-025794-BT: The Bosch Video Management System is using SSH server that does not restrict a port forwarding requested by an authenticated SSH client. An authenticated SSH client can request a connection which is forwarded by the BVMS SSH server to a resource within the trusted internal network, which is normally protected from the WAN interface. The resource can be beyond the scope of the Bosch Video Management System.


https://psirt.bosch.com/security-advisories/bosch-sa-025794-bt.html