Vulnerabilities > Milesight > Milesightvpn > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-07-06 CVE-2023-22844 Use of Hard-coded Cryptographic Key vulnerability in Milesight Milesightvpn 2.0.2
An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2.
network
low complexity
milesight CWE-321
critical
 9.8
9.8
2023-07-06 CVE-2023-22319 SQL Injection vulnerability in Milesight Milesightvpn 2.0.2
A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2.
network
low complexity
milesight CWE-89
critical
 9.8
9.8