Skip to main content

Milesightvpn

5 CVEs product

Monthly

CVE-2023-24496 MEDIUM POC This Month

Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

XSS Milesightvpn
NVD
CVSS 3.1
4.7
EPSS
0.6%
CVE-2023-23907 HIGH POC This Week

A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Milesightvpn
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-22844 CRITICAL POC Act Now

An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Milesightvpn
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-22371 HIGH POC This Week

An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Command Injection Milesightvpn
NVD
CVSS 3.1
8.1
EPSS
3.4%
CVE-2023-22319 CRITICAL POC Act Now

A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass SQLi Milesightvpn
NVD
CVSS 3.1
9.8
EPSS
0.9%
EPSS 1% CVSS 4.7
MEDIUM POC This Month

Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

XSS Milesightvpn
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Milesightvpn
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Milesightvpn
NVD
EPSS 3% CVSS 8.1
HIGH POC This Week

An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Command Injection Milesightvpn
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass SQLi Milesightvpn
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy