Vulnerabilities > Milesight

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-06	CVE-2023-22299	OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 An OS command injection vulnerability exists in the vtysh_ubus _get_fw_logs functionality of Milesight UR32L v32.3.0.5. network low complexity milesight CWE-78	8.8
2023-07-06	CVE-2023-22306	Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 An OS command injection vulnerability exists in the libzebra.so bridge_group functionality of Milesight UR32L v32.3.0.5. network low complexity milesight CWE-77	7.2
2023-07-06	CVE-2023-22319	SQL Injection vulnerability in Milesight Milesightvpn 2.0.2 A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. network low complexity milesight CWE-89 critical	9.8
2023-07-06	CVE-2023-22365	OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 An OS command injection vulnerability exists in the ys_thirdparty check_system_user functionality of Milesight UR32L v32.3.0.5. network low complexity milesight CWE-78	7.2
2023-07-06	CVE-2023-22371	OS Command Injection vulnerability in Milesight Milesightvpn 2.0.2 An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. network high complexity milesight CWE-78	8.1
2023-07-06	CVE-2023-22653	OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 An OS command injection vulnerability exists in the vtysh_ubus tcpdump_start_cb functionality of Milesight UR32L v32.3.0.5. network low complexity milesight CWE-78	8.8
2023-07-06	CVE-2023-22659	OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 An os command injection vulnerability exists in the libzebra.so change_hostname functionality of Milesight UR32L v32.3.0.5. network low complexity milesight CWE-78	7.2
2023-07-06	CVE-2023-22844	Use of Hard-coded Cryptographic Key vulnerability in Milesight Milesightvpn 2.0.2 An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. network low complexity milesight CWE-321 critical	9.8
2023-07-06	CVE-2023-23546	Improper Certificate Validation vulnerability in Milesight Ur32L Firmware 32.3.0.5 A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. network high complexity milesight CWE-295	8.1
2023-07-06	CVE-2023-23547	Path Traversal vulnerability in Milesight Ur32L Firmware 32.3.0.5 A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. network low complexity milesight CWE-22	6.5

Vulnerabilities > Milesight {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Milesight"}]}

Vulnerabilities > Milesight