CVE-2023-25120

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2023-25103

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

EUVD-2012-3859

Malware in sbrugna...

The vulnerability of the set_dmvpn function in the Milesight UR32L router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the setdmvpn function in Milesight UR32L router microprogramming software arises due to a stack-based buffer overflow. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the set_dmvpn function in the Milesight UR32L router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the setdmvpn function in Milesight UR32L router microprogramming software arises due to a stack-based buffer overflow. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the set_dmvpn function in the Milesight UR32L router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the setdmvpn function in Milesight UR32L router microprogramming software arises due to a stack-based buffer overflow. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

CVE-2023-25103

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2023-25101

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2023-25102

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

PT-2023-5082 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: The issue is caused by a buffer overflow vulnerability in the set dmvpn function of the Milesight UR32L router's firmware, due to the use of an unsafe sprintf pattern. This can be exploited by a...

PT-2023-5071 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: Multiple buffer overflow vulnerabilities exist in the vtysh ubus binary due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An...

CVE-2012-3915

The DMVPN tunnel implementation in Cisco IOS 15.2 allows remote attackers to cause a denial of service persistent IKE state via a large volume of hub-to-spoke traffic, aka Bug ID CSCtq39602...

Design/Logic Flaw

The DMVPN tunnel implementation in Cisco IOS 15.2 allows remote attackers to cause a denial of service persistent IKE state via a large volume of hub-to-spoke traffic, aka Bug ID CSCtq39602...

CVE-2012-3915

CVE-2012-3915 affects Cisco IOS 15.2 DMVPN tunnel implementation. The issue allows remote attackers to cause a denial of service by sending a large volume of hub-to-spoke traffic, creating a persistent IKE state (Bug ID CSCtq39602). Connected records confirm the vulnerable component and outcome b...

CVE-2012-3915

The DMVPN tunnel implementation in Cisco IOS 15.2 allows remote attackers to cause a denial of service persistent IKE state via a large volume of hub-to-spoke traffic, aka Bug ID CSCtq39602...

Cisco IOS Next Hop Resolution Protocol Vulnerability

The Cisco Next Hop Resolution Protocol NHRP feature in Cisco IOS contains a vulnerability that can result in a restart of the device or possible remote code execution. NHRP is a primary component of the Dynamic Multipoint Virtual Private Network DMVPN feature. NHRP can operate in three ways: at t...

[Full-disclosure] Cisco NHRP denial of service (cisco-sa-20070808-nhrp)

Hi, this exploit/DoS addresses the recent NHRP bug in Cisco IOS CSCin95836 / cisco-sa-20070808-nhrp. The original advisory can be found here: http://www.cisco.com/en/US/products/productssecurityadvisory09186a008089963b.shtml Exploit/DoS: // / / / nhrp-dos - Copyright by Martin Kluge, [email protected] ...

[Full-disclosure] Cisco Security Advisory: Cisco IOS Next Hop Resolution Protocol Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Next Hop Resolution Protocol Vulnerability Advisory ID: cisco-sa-20070808-nhrp http://www.cisco.com/warp/public/707/cisco-sa-20070808-nhrp.shtml Revision 1.0 For Public Release 2007 August 08 1600 UTC GMT -...