3 matches found
CVE-2023-22653
An OS command injection vulnerability exists in the vtyshubus tcpdumpstartcb functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to command execution. An authenticated attacker can send an HTTP request to trigger this vulnerability...
CVE-2023-22653
CVE-2023-22653 : Milesight UR32L v32.3.0.5 exposes an OS command injection in the vtysh_ubus tcpdump_start_cb API. Cisco Talos details show an authenticated, pre-auth vulnerability where a specially crafted HTTP request can trigger command execution via the tcpdump_start functionality, potentiall...
Milesight UR32L vtysh_ubus tcpdump_start_cb OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1714 Milesight UR32L vtyshubus tcpdumpstartcb OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22653 SUMMARY An OS command injection vulnerability exists in the vtyshubus tcpdumpstartcb functionality of Milesight UR32L v32.3.0.5. A speciall...