4 matches found
CVE-2023-24520
Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...
CVE-2023-24520
Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...
CVE-2023-24520
Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...
CVE-2023-24520
Milesight UR32L (v32.3.0.5) contains multiple OS command injection vulnerabilities described by Talos (CVE-2023-24519, CVE-2023-24520) in the vtysh_ubus toolsh_excute.constprop.1 path (e.g., traceroute/ping) and related HTTP/server-side components. Exploitation can occur via specially crafted net...