Vulnerabilities > Milesight > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-06 | CVE-2023-23907 | Unspecified vulnerability in Milesight Milesightvpn 2.0.2 A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. | 7.5 |
2023-07-06 | CVE-2023-24018 | Out-of-bounds Write vulnerability in Milesight Ur32L Firmware 32.3.0.5 A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. | 8.8 |
2023-07-06 | CVE-2023-24019 | Unspecified vulnerability in Milesight Ur32L Firmware 32.3.0.5 A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. | 8.1 |
2023-07-06 | CVE-2023-24519 | OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. | 8.8 |
2023-07-06 | CVE-2023-24520 | OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. | 8.8 |
2023-07-06 | CVE-2023-24582 | OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5 Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. | 8.8 |
2023-07-06 | CVE-2023-24583 | Unspecified vulnerability in Milesight Ur32L Firmware 32.3.0.5 Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. | 8.8 |
2023-07-06 | CVE-2023-24595 | Unspecified vulnerability in Milesight Ur32L Firmware 32.3.0.5 An OS command injection vulnerability exists in the ys_thirdparty system_user_script functionality of Milesight UR32L v32.3.0.5. | 7.2 |
2023-07-06 | CVE-2023-25081 | Out-of-bounds Write vulnerability in Milesight Ur32L Firmware 32.3.0.5 Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. | 7.2 |
2023-07-06 | CVE-2023-25082 | Out-of-bounds Write vulnerability in Milesight Ur32L Firmware 32.3.0.5 Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. | 7.2 |