CVE-2023-25120

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

The vulnerability of the set_dmvpn function in the Milesight UR32L router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the setdmvpn function in Milesight UR32L router microprogramming software arises due to a stack-based buffer overflow. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the set_dmvpn function in the Milesight UR32L router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the setdmvpn function in Milesight UR32L router microprogramming software arises due to a stack-based buffer overflow. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the set_dmvpn function in the Milesight UR32L router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the setdmvpn function in Milesight UR32L router microprogramming software arises due to a stack-based buffer overflow. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

PT-2023-5071 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: Multiple buffer overflow vulnerabilities exist in the vtysh ubus binary due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An...