6 matches found
CVE-2023-25582
Two OS command injection vulnerabilities exist in the zebra vlanname functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the code branch...
CVE-2023-25582
creationtimestamp| type| source ---|---|--- 2023-07-06 18:30:27+00:00| seen| https://t.me/cibsecurity/66105...
CVE-2023-25582
Two OS command injection vulnerabilities exist in the zebra vlanname functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the code branch...
CVE-2023-25582
Two OS command injection vulnerabilities exist in the zebra vlanname functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the code branch...
CVE-2023-25582
CVE-2023-25582 affects Milesight UR32L v32.3.0.5 with two OS command injection flaws in the zebra vlan_name functionality. Public material documents a pre-authentication remote exploit path in UR32L’s HTTP server (via TALOS-2023-1697) leading to stack-based buffer overflow and potential RCE; addi...
Milesight UR32L zebra vlan_name OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2023-1723 Milesight UR32L zebra vlanname OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-25582,CVE-2023-25583 SUMMARY Two OS command injection vulnerabilities exist in the zebra vlanname functionality of Milesight UR32L v32.3.0.5. A specially...