Skip to main content

Ur32 Firmware

2 CVEs product

Monthly

CVE-2023-43260 MEDIUM POC This Month

Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ur51 Firmware Ur52 Firmware Ur55 Firmware Ur32L Firmware +3
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-43261 HIGH POC THREAT Act Now

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 60.1%.

Information Disclosure Ur5X Firmware Ur32L Firmware Ur32 Firmware Ur35 Firmware +1
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
60.1%
Threat
4.8
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ur51 Firmware Ur52 Firmware +5
NVD GitHub
EPSS 60% 4.8 CVSS 7.5
HIGH POC THREAT Act Now

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 60.1%.

Information Disclosure Ur5X Firmware Ur32L Firmware +3
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy