94 matches found
CVE-2023-23902
A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An attacker can send a network request to trigger this vulnerability...
CVE-2023-23902
A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An attacker can send a network request to trigger this vulnerability...
Buffer overflow
A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An attacker can send a network request to trigger this vulnerability...
CVE-2023-23902
A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An attacker can send a network request to trigger this vulnerability...
CVE-2023-23902
Milesight UR32L (v32.3.0.5) contains a pre-authentication, stack-based buffer overflow in uhttpd during login decryption (decrypt_string), enabling remote code execution (RCE) via specially crafted network traffic. Talos TALOS-2023-1697 documents CVE-2023-23902 as the vulnerability, with CVSS v3....
PT-2023-4165 · Milesight · Milesight Ur32L
Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: A buffer overflow vulnerability exists in the uhttpd login functionality, allowing remote code execution through a specially crafted network request. An attacker can exploit this issue by sending ...
Milesight UR32L uhttpd login buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1697 Milesight UR32L uhttpd login buffer overflow vulnerability July 6, 2023 CVE Number CVE-2023-23902 SUMMARY A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead ...
The vulnerability of the strcpy() function in Netgear N300 wireless router microprogramming software allows a hacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the strcpy function implementation in Netgear N300 wireless router microprogramming software WNR2000v4 is related to the issue of writing operations beyond the buffer boundaries when processing configuration files for uHTTPd web servers. Exploiting this vulnerability allows a...
Security Advisory 2022-10-04-1 - wolfSSL buffer overflow during a TLS 1.3 handshake (CVE-2022-39173)
DESCRIPTION In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow on server during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are...
CVE-2022-37232
Netgear N300 wireless router wnr2000v4-V1.0.0.70 is vulnerable to Buffer Overflow via uhttpd. There is a stack overflow vulnerability caused by strcpy...
CVE-2022-37232
Netgear N300 wireless router wnr2000v4-V1.0.0.70 is vulnerable to Buffer Overflow via uhttpd. There is a stack overflow vulnerability caused by strcpy...
Stack overflow
Netgear N300 wireless router wnr2000v4-V1.0.0.70 is vulnerable to Buffer Overflow via uhttpd. There is a stack overflow vulnerability caused by strcpy...
CVE-2022-37232
Netgear N300 wireless router wnr2000v4-V1.0.0.70 is vulnerable to Buffer Overflow via uhttpd. There is a stack overflow vulnerability caused by strcpy...
CVE-2022-37232
CVE-2022-37232 affects Netgear N300 wireless router WNR2000v4 with firmware version V1.0.0.70. The vulnerability is a buffer overflow in the uhttpd web server caused by strcpy, leading to a stack overflow. CVSS v3.1 base score is 9.8 (Network attack, high impact on confidentiality, integrity, and...
CVE-2022-31937
Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd...
Stack overflow
Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd...
CVE-2022-31937
Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd...
CVE-2022-31937
Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd...
CVE-2022-31937
CVE-2022-31937 affects Netgear N300 wireless router (model wnr2000v4) with firmware version 1.0.0.70, describing a stack overflow via strcpy in the uhttpd component. The public descriptions consistently identify a buffer overflow in the web server (uhttpd) as the root cause, leading to potential ...
NETGEAR N300 缓冲区错误漏洞
NETGEAR N300 is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR N300 wireless router firmware version wnr2000v4-V1.0.0.70, which originates from a stack overflow in strcpy in its uhttpd component...