Milesight

Ur32l Firmware

66 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-47166

  • EPSS 0.17%
  • Veröffentlicht 01.05.2024 16:15:06
  • Zuletzt bearbeitet 04.11.2025 18:15:42

A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network request to trigger this vulner...

6.1

CVE-2023-43260

Exploit
  • EPSS 0.12%
  • Veröffentlicht 05.10.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 08:23:54

Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel.

7.5

CVE-2023-43261

Exploit
  • EPSS 93.14%
  • Veröffentlicht 04.10.2023 12:15:10
  • Zuletzt bearbeitet 01.05.2025 18:15:51

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.

7.2

CVE-2023-25120

Exploit
  • EPSS 0.15%
  • Veröffentlicht 06.07.2023 15:15:15
  • Zuletzt bearbeitet 04.11.2025 20:16:23

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges ...

7.2

CVE-2023-25117

Exploit
  • EPSS 0.14%
  • Veröffentlicht 06.07.2023 15:15:15
  • Zuletzt bearbeitet 04.11.2025 20:16:23

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges ...

7.2

CVE-2023-25118

Exploit
  • EPSS 0.14%
  • Veröffentlicht 06.07.2023 15:15:15
  • Zuletzt bearbeitet 04.11.2025 20:16:23

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges ...

7.2

CVE-2023-25119

Exploit
  • EPSS 0.15%
  • Veröffentlicht 06.07.2023 15:15:15
  • Zuletzt bearbeitet 04.11.2025 20:16:23

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges ...

7.2

CVE-2023-25121

Exploit
  • EPSS 0.14%
  • Veröffentlicht 06.07.2023 15:15:15
  • Zuletzt bearbeitet 04.11.2025 20:16:23

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges ...

7.2

CVE-2023-25122

Exploit
  • EPSS 0.15%
  • Veröffentlicht 06.07.2023 15:15:15
  • Zuletzt bearbeitet 04.11.2025 20:16:24

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges ...

7.2

CVE-2023-25123

Exploit
  • EPSS 0.14%
  • Veröffentlicht 06.07.2023 15:15:15
  • Zuletzt bearbeitet 04.11.2025 20:16:24

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges ...