Vulnerabilities > Milesight > Ur35 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-10-05 CVE-2023-43260 Cross-site Scripting vulnerability in Milesight products
Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel.
network
low complexity
milesight CWE-79
6.1
2023-10-04 CVE-2023-43261 Information Exposure Through Log Files vulnerability in Milesight products
An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.
network
low complexity
milesight CWE-532
7.5