Vulnerabilities > Milesight

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-06	CVE-2023-23546	Improper Certificate Validation vulnerability in Milesight Ur32L Firmware 32.3.0.5 A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. network high complexity milesight CWE-295	8.1
2023-07-06	CVE-2023-23547	Path Traversal vulnerability in Milesight Ur32L Firmware 32.3.0.5 A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. network low complexity milesight CWE-22	6.5
2023-07-06	CVE-2023-23550	OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 An OS command injection vulnerability exists in the ys_thirdparty user_delete functionality of Milesight UR32L v32.3.0.5. network low complexity milesight CWE-78	7.2
2023-07-06	CVE-2023-23571	Buffer Over-read vulnerability in Milesight Ur32L Firmware 32.3.0.5 An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. network low complexity milesight CWE-126	7.5
2023-07-06	CVE-2023-23902	Stack-based Buffer Overflow vulnerability in Milesight Ur32L Firmware 32.3.0.5 A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. network low complexity milesight CWE-121 critical	9.8
2023-07-06	CVE-2023-23907	Path Traversal vulnerability in Milesight Milesightvpn 2.0.2 A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. network low complexity milesight CWE-22	7.5
2023-07-06	CVE-2023-24018	Out-of-bounds Write vulnerability in Milesight Ur32L Firmware 32.3.0.5 A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. network low complexity milesight CWE-787	8.8
2023-07-06	CVE-2023-24019	Classic Buffer Overflow vulnerability in Milesight Ur32L Firmware 32.3.0.5 A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. network high complexity milesight CWE-120	8.1
2023-07-06	CVE-2023-24496	Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Milesight Milesightvpn 2.0.2 Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. network high complexity milesight CWE-80	4.7
2023-07-06	CVE-2023-24519	OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. network low complexity milesight CWE-78	8.8

Vulnerabilities > Milesight {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Milesight"}]}

Vulnerabilities > Milesight