3 matches found
CVE-2023-25115
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25115
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25115
CVE-2023-25115 concerns Milesight UR32L v32.3.0.5. The connected sources confirm multiple buffer overflow vulnerabilities in the vtysh_ubus binary caused by unsafe sprintf usage on user-controlled data, triggered via specially crafted HTTP requests to OpenVPN-related functions (e.g., set_openvpn_...