Lucene search
K

16601 matches found

Cvelist
Cvelist
added 2023/07/06 2:53 p.m.23 views

CVE-2023-25115

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.12 views

CVE-2023-25119

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.6AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.19 views

CVE-2023-25113

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
CVE
CVE
added 2023/07/06 2:53 p.m.49 views

CVE-2023-25122

CVE-2023-25122 affects Milesight UR32L v32.3.0.5 (vtysh_ubus) with multiple buffer-overflow flaws caused by unsafe sprintf usage that propagates data from JSON blobmsg parsing into vtysh_command_buffer. A high-privileged attacker can trigger via crafted HTTP requests to the UR32L device, potentia...

7.2CVSS7.5AI score0.01318EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.12 views

CVE-2023-25121

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.5AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.18 views

CVE-2023-25117

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.19 views

CVE-2023-25116

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
CVE
CVE
added 2023/07/06 2:53 p.m.36 views

CVE-2023-25116

CVE-2023-25116 affects Milesight UR32L v32.3.0.5, reported by Talos: multiple buffer overflow vulnerabilities in the vtysh_ubus component caused by unsafe sprintf usage. An attacker with high privileges can trigger these via crafted HTTP requests to the OpenVPN/VPN management flows, exploiting fu...

7.2CVSS7.5AI score0.01318EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.19 views

CVE-2023-25119

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
CVE
CVE
added 2023/07/06 2:53 p.m.47 views

CVE-2023-25119

CVE-2023-25119 refers to multiple buffer overflow vulnerabilities in Milesight UR32L v32.3.0.5, specifically in the vtysh_ubus binary. The root cause is unsafe use of sprintf patterns that assemble commands from untrusted input (notably involving remote_subnet/remote_mask in set_pptp and related ...

7.2CVSS7.5AI score0.01318EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.17 views

CVE-2023-25114

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.20 views

CVE-2023-25122

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.13 views

CVE-2023-25106

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8.1AI score0.01318EPSS
Exploits1References1
CVE
CVE
added 2023/07/06 2:53 p.m.42 views

CVE-2023-25107

Summary: CVE-2023-25107 describes multiple buffer overflow vulnerabilities in Milesight UR32L v32.3.0.5, specifically in the vtysh_ubus binary. The root cause across related reports is unsafe use of sprintf-style formatting that directly incorporates user-controlled data, enabling remote attacker...

7.2CVSS7.5AI score0.01318EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.11 views

CVE-2023-25107

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8.1AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.20 views

CVE-2023-25103

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.22 views

CVE-2023-25106

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.12 views

CVE-2023-25105

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8.1AI score0.01318EPSS
Exploits1References1
CVE
CVE
added 2023/07/06 2:53 p.m.45 views

CVE-2023-25101

Milesight UR32L (v32.3.0.5) is affected by CVE-2023-25101 due to buffer overflow in the vtysh_ubus set_dmvpn path (gre_key) caused by unsafe sprintf usage. A high-privilege attacker can trigger via specially crafted HTTP requests to the /vtysh_ubus interface, potentially leading to arbitrary code...

7.2CVSS7.4AI score0.01318EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.12 views

CVE-2023-25101

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8.3AI score0.01318EPSS
Exploits1References1
Rows per page
Query Builder