CVE-2023-25114

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2023-25109

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

PT-2023-5080 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: The issue is caused by multiple buffer overflow vulnerabilities in the vtysh ubus binary due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code...

Milesight UR32L 缓冲区错误漏洞

The Milesight UR32L is a 4G industrial router from China-based Milesight. A security vulnerability exists in the Milesight UR32L version v32.3.0.5, which stems from the use of an insecure sprintf pattern. An attacker could exploit the vulnerability to cause a buffer overflow via a specially craft...

PT-2023-5076 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: The issue is caused by multiple buffer overflow vulnerabilities in the vtysh ubus binary due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code...

PT-2023-5085 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: The issue is caused by a buffer overflow vulnerability in the handle interface acl function of the vtysh ubus binary, due to the use of an unsafe sprintf pattern. This can be triggered by a...