16601 matches found
CVE-2023-25097
Milesight UR32L (v32.3.0.5) exposes a buffer-overflow vulnerability in the vtysh_ubus binary (set_qos path, attach_class/class_name) due to unsafe sprintf usage. The issue can be triggered by high-privileged, network-accessing attackers via crafted HTTP requests, potentially enabling arbitrary co...
CVE-2023-25095
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25087
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25087
CVE-2023-25087 affects Milesight UR32L v32.3.0.5. The issue is a buffer overflow in the vtysh_ubus binary’s firewall_handler_set path, caused by unsafe use of sprintf with user-controlled data. Exploitation requires an authenticated, high-privilege attacker sending crafted HTTP requests to the af...
CVE-2023-25083
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25088
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25084
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25081
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25088
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25086
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25085
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25088
CVE-2023-25088 affects Milesight UR32L (v32.3.0.5) via the vtysh_ubus firewall_handler_set code path. The vulnerability is a buffer overflow caused by unsafe use of sprintf with user-controlled data (src/dmz, old_mac, old_ip, ip, description, etc.) in multiple code paths (e.g., firewall_handler_s...
CVE-2023-25086
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25083
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25084
CVE-2023-25084 is a buffer-overflow vulnerability in Milesight UR32L v32.3.0.5, triggered by unsafe sprintf usage in the vtysh_ubus firewall_handler_set path. The issue affects the construction of commands using user-controlled fields (ip, mac, description), allowing a high-privilege attacker to ...
CVE-2023-25082
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25082
Milesight UR32L (v32.3.0.5) is affected by CVE-2023-25082 via multiple buffer overflow vulnerabilities in the vtysh_ubus firewall_handler_set path. An attacker with high privileges can trigger arbitrary code execution by sending crafted HTTP requests that abuse unsafe sprintf usage with old_ip/ol...
PT-2023-5145 · Milesight · Milesight Ur32L
Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: The issue is caused by a buffer overflow vulnerability in the set ike profile function of the vtysh ubus binary, due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can...
Milesight UR32L 缓冲区错误漏洞
The Milesight UR32L is a 4G industrial router from China-based Milesight. A security vulnerability exists in the Milesight UR32L version v32.3.0.5, which stems from the use of an insecure sprintf pattern. An attacker could exploit the vulnerability to cause a buffer overflow via a specially craft...
Milesight UR32L 缓冲区错误漏洞
The Milesight UR32L is a 4G industrial router from China-based Milesight. A security vulnerability exists in the Milesight UR32L version v32.3.0.5, which stems from the use of an insecure sprintf pattern. An attacker could exploit the vulnerability to cause a buffer overflow via a specially craft...