Skip to main content
CVE-2023-36969 HIGH POC THREAT Act Now

CMS Made Simple v2.2.17 is vulnerable to Remote Command Execution via the File Upload Function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Cms Made Simple
NVD
CVSS 3.1
8.8
EPSS
49.3%
CVE-2023-24583 HIGH POC This Week

Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
3.0%
CVE-2023-24582 HIGH POC This Week

Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
3.0%
CVE-2023-24520 HIGH POC This Week

Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
3.6%
CVE-2023-24519 HIGH POC This Week

Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
3.6%
CVE-2023-24018 HIGH POC This Week

A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-22653 HIGH POC This Week

An OS command injection vulnerability exists in the vtysh_ubus tcpdump_start_cb functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
5.8%
CVE-2023-22299 HIGH POC This Week

An OS command injection vulnerability exists in the vtysh_ubus _get_fw_logs functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
3.6%
CVE-2023-35937 HIGH POC This Week

Metersphere is an open source continuous testing platform. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Metersphere
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-24019 HIGH POC This Week

A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Ur32L Firmware
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-23546 HIGH POC This Week

A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Ur32L Firmware
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2023-22371 HIGH POC This Week

An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Command Injection Milesightvpn
NVD
CVSS 3.1
8.1
EPSS
3.4%
CVE-2023-36830 HIGH POC PATCH This Week

SQLFluff is a SQL linter. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Python Sqlfluff
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-24256 HIGH POC This Week

An issue in the com.nextev.datastatistic component of NIO EC6 Aspen before v3.3.0 allows attackers to escalate privileges via path traversal. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Aspen
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-23907 HIGH POC This Week

A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Milesightvpn
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-23571 HIGH POC This Week

An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Ur32L Firmware
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-36189 HIGH POC PATCH This Week

SQL injection vulnerability in langchain before v0.0.247 allows a remote attacker to obtain sensitive information via the SQLDatabaseChain component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi Langchain
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-25583 HIGH POC This Week

Two OS command injection vulnerabilities exist in the zebra vlan_name functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
3.5%
CVE-2023-25582 HIGH POC This Week

Two OS command injection vulnerabilities exist in the zebra vlan_name functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
3.5%
CVE-2023-25124 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25123 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25122 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25121 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25120 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25119 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25118 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25117 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25116 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25115 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25114 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25113 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25112 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25111 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25110 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25109 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25108 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25107 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25106 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25105 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25104 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25103 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25102 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25101 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25100 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25099 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25098 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25097 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25096 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25095 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25094 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy