2 matches found
CVE-2023-25091
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25091
CVE-2023-25091 (Milesight UR32L) : The vtysh_ubus component in UR32L v32.3.0.5 has multiple buffer overflow vulnerabilities, caused by unsafe sprintf usage in handle_interface_acl (interface variable when out_acl = -1). A high-privilege attacker can send crafted HTTP requests over the network to ...