2 matches found
CVE-2023-25112
CVE-2023-25112 (Milesight UR32L, v32.3.0.5) : Talos Red Hat and NVD entries confirm a buffer overflow in the vtysh_ubus binary, specifically in set_l2tp handling of remote_subnet and remote_mask. An attacker with high privileges can trigger the overflow by crafting HTTP requests to the UR32L, ena...
CVE-2023-25112
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...