Lucene search
K

16601 matches found

Cvelist
Cvelist
added 2023/07/06 2:53 p.m.22 views

CVE-2023-25090

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
CVE
CVE
added 2023/07/06 2:53 p.m.48 views

CVE-2023-25098

Milesight UR32L v32.3.0.5 contains buffer overflow vulnerabilities in the vtysh_ubus binary (CVE-2023-25098) due to unsafe sprintf usage. The flaws reside in set_qos and related code that formats commands, allowing a network attacker with high privileges to trigger via specially crafted HTTP requ...

7.2CVSS7.5AI score0.01318EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.9 views

CVE-2023-25100

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8.3AI score0.01318EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.14 views

CVE-2023-25098

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8.3AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.27 views

CVE-2023-25097

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.12 views

CVE-2023-25094

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8.1AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.40 views

CVE-2023-25091

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.11 views

CVE-2023-25096

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.25 views

CVE-2023-25089

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.9 views

CVE-2023-25090

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.19 views

CVE-2023-25098

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.11 views

CVE-2023-25099

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.5AI score0.01318EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.10 views

CVE-2023-25089

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.22 views

CVE-2023-25093

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.23 views

CVE-2023-25096

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.21 views

CVE-2023-25094

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
CVE
CVE
added 2023/07/06 2:53 p.m.50 views

CVE-2023-25096

CVE-2023-25096 affects Milesight UR32L v32.3.0.5. The root cause is a buffer overflow in the vtysh_ubus binary (set_qos path and related QoS commands) caused by unsafe sprintf usage with user-controlled data (e.g., rule_name, class_name, etc.). An attacker with high privileges can trigger by send...

7.2CVSS7.4AI score0.01318EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/06 2:53 p.m.11 views

CVE-2023-25097

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8.1AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.21 views

CVE-2023-25100

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS7.7AI score0.01318EPSS
Exploits1References1
CVE
CVE
added 2023/07/06 2:53 p.m.44 views

CVE-2023-25100

CVE-2023-25100 concerns Milesight UR32L, firmware v32.3.0.5, where multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary caused by unsafe sprintf usage. The flaw arises in set_qos and related code paths, enabling an attacker with high privileges to trigger HTTP requests over the...

7.2CVSS7.4AI score0.01318EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder