CVE-2023-22371
- EPSS 0.25%
- Veröffentlicht 06.07.2023 15:15:11
- Zuletzt bearbeitet 21.11.2024 07:44:38
An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to command execution. An attacker can send a malicious packet to trigger this vulne...
CVE-2023-22844
- EPSS 0.03%
- Veröffentlicht 06.07.2023 15:15:11
- Zuletzt bearbeitet 21.11.2024 07:45:30
An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a network request to trigger this v...
CVE-2023-23907
- EPSS 0.24%
- Veröffentlicht 06.07.2023 15:15:11
- Zuletzt bearbeitet 21.11.2024 07:47:04
A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability.
CVE-2023-24496
- EPSS 0.17%
- Veröffentlicht 06.07.2023 15:15:11
- Zuletzt bearbeitet 04.11.2025 20:16:17
Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to ...
CVE-2023-22319
- EPSS 0.02%
- Veröffentlicht 06.07.2023 15:15:10
- Zuletzt bearbeitet 21.11.2024 07:44:31
A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a malicious packet to trigger this vulnerabili...