Lucene search
+L

4 matches found

nvd
nvd
added 2023/07/06 3:15 p.m.30 views

CVE-2023-23550

An OS command injection vulnerability exists in the ysthirdparty userdelete functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS7.1AI score0.03607EPSS
Exploits1References2
cve
cve
added 2023/07/06 2:53 p.m.55 views

CVE-2023-23550

Milesight UR32L (v32.3.0.5) hosts multiple OS command injection and related vulnerabilities disclosed by Talos in 2023, notably TALOS-2023-1694 (CVE-2023-23550) in ys_thirdparty user_delete and TALOS-2023-1697 (CVE-2023-23902) in UR32L HTTP server decrypt_string, plus additional UR32L/Talos-CVEs ...

7.2CVSS7.7AI score0.03607EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2023/07/06 2:53 p.m.31 views

CVE-2023-23550

An OS command injection vulnerability exists in the ysthirdparty userdelete functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS7.3AI score0.03607EPSS
Exploits1References1
talos
talos
added 2023/07/06 12:0 a.m.35 views

Milesight UR32L ys_thirdparty user_delete OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1694 Milesight UR32L ysthirdparty userdelete OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-23550 SUMMARY An OS command injection vulnerability exists in the ysthirdparty userdelete functionality of Milesight UR32L v32.3.0.5. A specially...

7.2CVSS7.2AI score0.03607EPSS
Exploits1
Rows per page
Query Builder