Filtered by vendor Milesight
Total: 81 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-24582 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 8.8 High |
Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities. This OS command injection is triggered through a TCP packet. | ||||
CVE-2023-24583 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 8.8 High |
Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities. This OS command injection is triggered through a UDP packet. | ||||
CVE-2023-24519 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 8.8 High |
Two OS command injection vulnerabilities exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities. This command injection is in the ping tool utility. | ||||
CVE-2023-24520 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 8.8 High |
Two OS command injection vulnerabilities exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities. This command injection is in the trace tool utility. | ||||
CVE-2023-22319 | 1 Milesight | 1 Milesightvpn | 2024-11-14 | 7.3 High |
A SQL injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a malicious packet to trigger this vulnerability. | ||||
CVE-2023-22659 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 7.2 High |
An OS command injection vulnerability exists in the libzebra.so change_hostname functionality of Milesight UR32L v32.3.0.5. A specially-crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2023-25115 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 7.2 High |
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities. This buffer overflow occurs in the set_openvpn_client function with the remote_ip and the port variables. | ||||
CVE-2023-25116 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 7.2 High |
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities. This buffer overflow occurs in the set_openvpn_client function with the local_virtual_ip and the remote_virtual_ip variables. | ||||
CVE-2023-25117 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 7.2 High |
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities. This buffer overflow occurs in the set_openvpn_client function with the local_virtual_ip and the local_virtual_mask variables. | ||||
CVE-2023-25118 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 7.2 High |
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities. This buffer overflow occurs in the set_openvpn_client function with the username and the password variables. | ||||
CVE-2023-25119 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 7.2 High |
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities. This buffer overflow occurs in the set_pptp function with the remote_subnet and the remote_mask variables. | ||||
CVE-2023-25120 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 7.2 High |
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities. This buffer overflow occurs in the set_dmvpn function with the cisco_secret variable. | ||||
CVE-2023-25121 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 7.2 High |
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities. This buffer overflow occurs in the set_ike_profile function with the secrets_local variable. | ||||
CVE-2023-22306 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 7.2 High |
An OS command injection vulnerability exists in the libzebra.so bridge_group functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
CVE-2023-23902 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-14 | 9.8 Critical |
A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An attacker can send a network request to trigger this vulnerability. | ||||
CVE-2023-24496 | 1 Milesight | 1 Milesightvpn | 2024-10-28 | 4.7 Medium |
Cross-site scripting (XSS) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary JavaScript code injection. An attacker can send an HTTP request to trigger these vulnerabilities. This XSS is exploited through the name field of the database. | ||||
CVE-2023-23547 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-10-24 | 6.5 Medium |
A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability. | ||||
CVE-2023-43260 | 1 Milesight | 15 Ur32, Ur32 Firmware, Ur32l and 12 more | 2024-09-19 | 6.1 Medium |
Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 were discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel. | ||||
CVE-2022-3001 | 1 Milesight | 2 Video Management Systems, Video Management Systems Firmware | 2024-09-16 | 7.5 High |
This vulnerability exists in Milesight Video Management Systems (VMS), all firmware versions prior to 40.7.0.79-r1, due to improper input handling at the camera’s web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP request on the targeted network camera. Successful exploitation of this vulnerability could allow the attacker to cause a Denial of Service condition on the targeted device. | ||||
CVE-2016-2357 | 1 Milesight | 2 Ip Security Camera, Ip Security Camera Firmware | 2024-08-05 | 9.8 Critical |
Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory. |