4 matches found
CVE-2023-24018
A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 securitydecryptpassword functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can send an HTTP request to trigger this vulnerability...
Stack overflow
A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 securitydecryptpassword functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can send an HTTP request to trigger this vulnerability...
CVE-2023-24018
CVE-2023-24018 affects Milesight UR32L v32.3.0.5. Talos reports a stack-based buffer overflow in the libzebra.so.0.0.0 security_decrypt_password function used to decrypt user passwords during configuration (e.g., via the yruo_usermanagement path). The vulnerability arises from decrypting an arbit...
CVE-2023-24018
A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 securitydecryptpassword functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can send an HTTP request to trigger this vulnerability...