Lucene search
K

6 matches found

The Hacker News
The Hacker News
added 2025/10/01 11:7 a.m.3 views

Hackers Exploit Milesight Routers to Send Phishing SMS to European Users

Unknown threat actors are abusing Milesight industrial cellular routers to send SMS messages as part of a smishing campaign targeting users in European countries since at least February 2022. French cybersecurity company SEKOIA said the attackers are exploiting the cellular router's API to send...

7.5CVSS6.4AI score0.59342EPSS
Exploits5
0day.today
0day.today
added 2024/02/05 12:0 a.m.393 views

Milesight UR5X / UR32L / UR32 / UR35 / UR41 Credential Leakage Exploit

Milesight IoT router versions UR5X, UR32L, UR32, UR35, and UR41 suffer from a credential leaking vulnerability due to unprotected system logs and weak password encryption. !/usr/bin/env python3 -- coding: utf-8 -- """ Title: Credential Leakage Through Unprotected System Logs and Weak Password...

7.5CVSS7.4AI score0.59342EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.408 views

Milesight UR5X / UR32L / UR32 / UR35 / UR41 Credential Leakage

!/usr/bin/env python3 -- coding: utf-8 -- """ Title: Credential Leakage Through Unprotected System Logs and Weak Password Encryption CVE: CVE-2023-43261 Script Author: Bipin Jitiya @win3zz Vendor: Milesight IoT - https://www.milesight-iot.com/ Formerly Xiamen Ursalink Technology Co., Ltd...

7.5CVSS7.4AI score0.59342EPSS
Exploits5
Cvelist
Cvelist
added 2023/10/04 12:0 a.m.42 views

CVE-2023-43261

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components...

7.3AI score0.59342EPSS
Exploits5References4
Vulnrichment
Vulnrichment
added 2023/10/04 12:0 a.m.8 views

CVE-2023-43261

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components...

6.3AI score0.59342EPSS
Exploits5References4
CVE
CVE
added 2023/10/04 12:0 a.m.115 views

CVE-2023-43261

CVE-2023-43261 affects Milesight UR5X, UR32L, UR32, UR35, UR41 (pre-35.3.0.7). The issue combines a misconfigured directory listing that exposes log files containing credentials and a hardcoded AES key/IV in JS, enabling access to sensitive router components and passwords. Public PoCs and writeup...

7.5CVSS7.1AI score0.59342EPSS
Exploits5References5Affected Software1
Rows per page
Query Builder