Lucene search
HistoryJul 06, 2023 - 3:15 p.m.
CVE-2023-24019
buffer overflow
network packet
urvpn_client
milesight ur32l
cve-2023-24019
vulnerability
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
52.5%
A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.
Affected configurations
Node
milesightur32lMatch-
milesightur32l_firmwareMatch32.3.0.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| milesight | ur32l | - | cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:* |
| milesight | ur32l_firmware | 32.3.0.5 | cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:* |
Related
cnvd
cnvd
prion
prion
Stack overflow
2023-07-06 15:15:00
cvelist
cvelist
CVE-2023-24019
2023-07-06 14:53:22
talos
talos
cve
cve
CVE-2023-24019
2023-07-06 15:15:11
talosblog
talosblog
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
52.5%
Related for NVD:CVE-2023-24019