Lucene search
+L

4 matches found

NVD
NVD
added 2023/07/06 3:15 p.m.41 views

CVE-2023-24520

Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...

8.8CVSS8.9AI score0.036EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.17 views

CVE-2023-24520

Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...

8.8CVSS8.9AI score0.036EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.51 views

CVE-2023-24520

Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...

8.8CVSS9.1AI score0.036EPSS
Exploits1References1
CVE
CVE
added 2023/07/06 2:53 p.m.44 views

CVE-2023-24520

Milesight UR32L (v32.3.0.5) contains multiple OS command injection vulnerabilities described by Talos (CVE-2023-24519, CVE-2023-24520) in the vtysh_ubus toolsh_excute.constprop.1 path (e.g., traceroute/ping) and related HTTP/server-side components. Exploitation can occur via specially crafted net...

8.8CVSS9.2AI score0.036EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder