3 matches found
CVE-2023-25101
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25101
Milesight UR32L (v32.3.0.5) is affected by CVE-2023-25101 due to buffer overflow in the vtysh_ubus set_dmvpn path (gre_key) caused by unsafe sprintf usage. A high-privilege attacker can trigger via specially crafted HTTP requests to the /vtysh_ubus interface, potentially leading to arbitrary code...
CVE-2023-25101
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...