Vulnerabilities > Milesight > Ur32L Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-07-06 CVE-2023-24019 Classic Buffer Overflow vulnerability in Milesight Ur32L Firmware 32.3.0.5
A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5.
network
high complexity
milesight CWE-120
8.1
8.1
2023-07-06 CVE-2023-24519 OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5
Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5.
network
low complexity
milesight CWE-78
8.8
8.8
2023-07-06 CVE-2023-24520 OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5
Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5.
network
low complexity
milesight CWE-78
8.8
8.8
2023-07-06 CVE-2023-24582 OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5
Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5.
network
low complexity
milesight CWE-78
8.8
8.8
2023-07-06 CVE-2023-24583 Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5
Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5.
network
low complexity
milesight CWE-77
8.8
8.8
2023-07-06 CVE-2023-24595 OS Command Injection vulnerability in Milesight Ur32L Firmware 32.3.0.5
An OS command injection vulnerability exists in the ys_thirdparty system_user_script functionality of Milesight UR32L v32.3.0.5.
network
low complexity
milesight CWE-78
7.2
7.2
2023-07-06 CVE-2023-25081 Out-of-bounds Write vulnerability in Milesight Ur32L Firmware 32.3.0.5
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern.
network
low complexity
milesight CWE-787
7.2
7.2
2023-07-06 CVE-2023-25082 Out-of-bounds Write vulnerability in Milesight Ur32L Firmware 32.3.0.5
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern.
network
low complexity
milesight CWE-787
7.2
7.2
2023-07-06 CVE-2023-25083 Out-of-bounds Write vulnerability in Milesight Ur32L Firmware 32.3.0.5
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern.
network
low complexity
milesight CWE-787
7.2
7.2
2023-07-06 CVE-2023-25084 Stack-based Buffer Overflow vulnerability in Milesight Ur32L Firmware 32.3.0.5
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern.
network
low complexity
milesight CWE-121
7.2
7.2