2 matches found
CVE-2023-25083
CVE-2023-25083 affects Milesight UR32L (v32.3.0.5). The issue is a buffer overflow in the vtysh_ubus firewall_handler_set path, caused by unsafe use of sprintf with user-controlled data (ip, mac, and related fields). The vulnerability is exploitable via crafted HTTP requests and can lead to arbit...
CVE-2023-25083
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...