2 matches found
CVE-2023-25116
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25116
CVE-2023-25116 affects Milesight UR32L v32.3.0.5, reported by Talos: multiple buffer overflow vulnerabilities in the vtysh_ubus component caused by unsafe sprintf usage. An attacker with high privileges can trigger these via crafted HTTP requests to the OpenVPN/VPN management flows, exploiting fu...