Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
πŸ”₯ Daily Hot!
πŸ’ͺ🏽 CPE Enhanced Advisories
πŸ•Ά Shadow Exploits
πŸ•΅πŸΌ Vulners CPE
πŸ” Security news
πŸ’» Exploit updates
πŸ“‘ Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
πŸ€– AI High Score
πŸ“° CVE Feed
show all

3 matches found

CNVD
CNVDβ€’added 2023/07/10 12:0 a.m.β€’16 views

Milesight UR32L ys_thirdparty system_user_script function command injection vulnerability

The Milesight UR32L is a 4G industrial router from China's Milesight. A command injection vulnerability exists in the Milesight UR32L ysthirdparty systemuserscript function, which can be exploited by an attacker to execute arbitrary commands on the system...

7.2CVSS8.1AI score0.00265EPSS
Exploits1References1
Cvelist
Cvelistβ€’added 2023/07/06 2:53 p.m.β€’23 views

CVE-2023-24595

An OS command injection vulnerability exists in the ysthirdparty systemuserscript functionality of Milesight UR32L v32.3.0.5. A specially crafted series of network requests can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS7.3AI score0.00265EPSS
Exploits1References1
Talos
Talosβ€’added 2023/07/06 12:0 a.m.β€’31 views

Milesight UR32L ys_thirdparty system_user_script OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1713 Milesight UR32L ysthirdparty systemuserscript OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-24595 SUMMARY An OS command injection vulnerability exists in the ysthirdparty systemuserscript functionality of Milesight UR32L v32.3.0.5. ...

7.2CVSS7.5AI score0.00265EPSS
Exploits1
Rows per page
Query Builder