2 matches found
CVE-2023-23547
Milesight UR32L, v32.3.0.5, is affected by a directory traversal vulnerability in luci2-io file-export mib. The TALOS report details that the CGI endpoint used to export configuration files parses input parameters and builds a file path by concatenating a base directory with the requested file na...
Milesight UR32L luci2-io file-export mib directory traversal vulnerability
Talos Vulnerability Report TALOS-2023-1695 Milesight UR32L luci2-io file-export mib directory traversal vulnerability July 6, 2023 CVE Number CVE-2023-23547 SUMMARY A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially...