Vulnerabilities > Milesight > Milesightvpn
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-06 | CVE-2023-22319 | SQL Injection vulnerability in Milesight Milesightvpn 2.0.2 A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. | 9.8 |
2023-07-06 | CVE-2023-22371 | OS Command Injection vulnerability in Milesight Milesightvpn 2.0.2 An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. | 8.1 |
2023-07-06 | CVE-2023-22844 | Use of Hard-coded Cryptographic Key vulnerability in Milesight Milesightvpn 2.0.2 An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. | 9.8 |
2023-07-06 | CVE-2023-23907 | Path Traversal vulnerability in Milesight Milesightvpn 2.0.2 A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. | 7.5 |
2023-07-06 | CVE-2023-24496 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Milesight Milesightvpn 2.0.2 Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. | 4.7 |