3 matches found
PT-2023-5082 · Milesight · Milesight Ur32L
Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: The issue is caused by a buffer overflow vulnerability in the set dmvpn function of the Milesight UR32L router's firmware, due to the use of an unsafe sprintf pattern. This can be exploited by a...
Information disclosure
DISPUTED OpenWrt mishandles access control in /etc/config/rpcd and the /usr/share/rpcd/acl.d files, which allows remote authenticated users to call arbitrary methods i.e., achieve ubus access over HTTP that were only supposed to be accessible to a specific user, as demonstrated by the file, log,...
CVE-2018-11116
OpenWrt mishandles access control in /etc/config/rpcd and the /usr/share/rpcd/acl.d files, which allows remote authenticated users to call arbitrary methods i.e., achieve ubus access over HTTP that were only supposed to be accessible to a specific user, as demonstrated by the file, log, and servi...