Skip to main content

Ur32L Firmware

65 CVEs product

Monthly

CVE-2023-43260 MEDIUM POC This Month

Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ur51 Firmware Ur52 Firmware Ur55 Firmware Ur32L Firmware +3
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-43261 HIGH POC THREAT Act Now

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 60.1%.

Information Disclosure Ur5X Firmware Ur32L Firmware Ur32 Firmware Ur35 Firmware +1
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
60.1%
Threat
4.8
CVE-2023-25583 HIGH POC This Week

Two OS command injection vulnerabilities exist in the zebra vlan_name functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
3.5%
CVE-2023-25582 HIGH POC This Week

Two OS command injection vulnerabilities exist in the zebra vlan_name functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
3.5%
CVE-2023-25124 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25123 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25122 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25121 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25120 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25119 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25118 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25117 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25116 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25115 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25114 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25113 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25112 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25111 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25110 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25109 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25108 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25107 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25106 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25105 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25104 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25103 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25102 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25101 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25100 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25099 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25098 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25097 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25096 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25095 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25094 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25093 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25092 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25091 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25090 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25089 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25088 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25087 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25086 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25085 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25084 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25083 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25082 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-25081 HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-24595 HIGH POC This Week

An OS command injection vulnerability exists in the ys_thirdparty system_user_script functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
3.7%
CVE-2023-24583 HIGH POC This Week

Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
3.0%
CVE-2023-24582 HIGH POC This Week

Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
3.0%
CVE-2023-24520 HIGH POC This Week

Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
3.6%
CVE-2023-24519 HIGH POC This Week

Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
3.6%
CVE-2023-24019 HIGH POC This Week

A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Ur32L Firmware
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2023-24018 HIGH POC This Week

A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-23902 CRITICAL POC Act Now

A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE Ur32L Firmware
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2023-23571 HIGH POC This Week

An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Ur32L Firmware
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-23550 HIGH POC This Week

An OS command injection vulnerability exists in the ys_thirdparty user_delete functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
3.6%
CVE-2023-23547 MEDIUM POC This Month

A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ur32L Firmware
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2023-23546 HIGH POC This Week

A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Ur32L Firmware
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2023-22659 HIGH POC This Week

An os command injection vulnerability exists in the libzebra.so change_hostname functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
3.7%
CVE-2023-22653 HIGH POC This Week

An OS command injection vulnerability exists in the vtysh_ubus tcpdump_start_cb functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
5.8%
CVE-2023-22365 HIGH This Week

An OS command injection vulnerability exists in the ys_thirdparty check_system_user functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2023-22306 HIGH POC This Week

An OS command injection vulnerability exists in the libzebra.so bridge_group functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
7.2
EPSS
3.6%
CVE-2023-22299 HIGH POC This Week

An OS command injection vulnerability exists in the vtysh_ubus _get_fw_logs functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
CVSS 3.1
8.8
EPSS
3.6%
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ur51 Firmware Ur52 Firmware +5
NVD GitHub
EPSS 60% 4.8 CVSS 7.5
HIGH POC THREAT Act Now

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 60.1%.

Information Disclosure Ur5X Firmware Ur32L Firmware +3
NVD GitHub VulDB
EPSS 4% CVSS 7.2
HIGH POC This Week

Two OS command injection vulnerabilities exist in the zebra vlan_name functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
EPSS 4% CVSS 7.2
HIGH POC This Week

Two OS command injection vulnerabilities exist in the zebra vlan_name functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
EPSS 2% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 2% CVSS 7.2
HIGH POC This Week

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 4% CVSS 7.2
HIGH POC This Week

An OS command injection vulnerability exists in the ys_thirdparty system_user_script functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
EPSS 3% CVSS 8.8
HIGH POC This Week

Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
EPSS 3% CVSS 8.8
HIGH POC This Week

Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
EPSS 4% CVSS 8.8
HIGH POC This Week

Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
EPSS 4% CVSS 8.8
HIGH POC This Week

Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
EPSS 1% CVSS 8.1
HIGH POC This Week

A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Ur32L Firmware
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Ur32L Firmware
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Ur32L Firmware
NVD
EPSS 4% CVSS 7.2
HIGH POC This Week

An OS command injection vulnerability exists in the ys_thirdparty user_delete functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ur32L Firmware
NVD
EPSS 1% CVSS 8.1
HIGH POC This Week

A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Ur32L Firmware
NVD
EPSS 4% CVSS 7.2
HIGH POC This Week

An os command injection vulnerability exists in the libzebra.so change_hostname functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
EPSS 6% CVSS 8.8
HIGH POC This Week

An OS command injection vulnerability exists in the vtysh_ubus tcpdump_start_cb functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
EPSS 2% CVSS 7.2
HIGH This Week

An OS command injection vulnerability exists in the ys_thirdparty check_system_user functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Ur32L Firmware
NVD
EPSS 4% CVSS 7.2
HIGH POC This Week

An OS command injection vulnerability exists in the libzebra.so bridge_group functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD
EPSS 4% CVSS 8.8
HIGH POC This Week

An OS command injection vulnerability exists in the vtysh_ubus _get_fw_logs functionality of Milesight UR32L v32.3.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ur32L Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy