Lucene search
TalosCVELIST:CVE-2023-24019HistoryJul 06, 2023 - 2:53 p.m.
CVE-2023-24019
2023-07-0614:53:22
CWE-120
talos
www.cve.org
5
cve-2023-24019
buffer overflow
network packet
ur32l v32.3.0.5
vulnerability
milesight
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
52.5%
A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.
CNA Affected
[
{
"vendor": "Milesight",
"product": "UR32L",
"versions": [
{
"version": "v32.3.0.5",
"status": "affected"
}
]
}
]Related
prion
prion
Stack overflow
2023-07-06 15:15:00
cnvd
cnvd
nvd
nvd
CVE-2023-24019
2023-07-06 15:15:11
talos
talos
cve
cve
CVE-2023-24019
2023-07-06 15:15:11
talosblog
talosblog
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
52.5%
Related for CVELIST:CVE-2023-24019