3 matches found
CVE-2023-25092
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25092
CVE-2023-25092 affects Milesight UR32L v32.3.0.5. The vtysh_ubus binary contains buffer overflow vulnerabilities driven by unsafe sprintf usage in handle_interface_acl (and related firewall/ACL handling paths described in TALOS/Cisco Red Hat entries). A specially crafted HTTP request can trigger ...
CVE-2023-25092
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...