3 matches found
CVE-2023-25096
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25096
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25096
CVE-2023-25096 affects Milesight UR32L v32.3.0.5. The root cause is a buffer overflow in the vtysh_ubus binary (set_qos path and related QoS commands) caused by unsafe sprintf usage with user-controlled data (e.g., rule_name, class_name, etc.). An attacker with high privileges can trigger by send...