Filtered by vendor Milesight
Subscribe
Total
89 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-4043 | 1 Milesight | 2 Ug65-868m-ea, Ug65-868m-ea Firmware | 2025-06-23 | N/A | N/A |
| An admin user can gain unauthorized write access to the /etc/rc.local file on the device, which is executed on a system boot. | |||||
| CVE-2023-43261 | 1 Milesight | 12 Ur32, Ur32 Firmware, Ur32l and 9 more | 2025-05-01 | N/A | 7.5 HIGH |
| An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. | |||||
| CVE-2024-36390 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2025-04-23 | N/A | 7.5 HIGH |
| MileSight DeviceHub - CWE-20 Improper Input Validation may allow Denial of Service | |||||
| CVE-2024-27776 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2025-04-10 | N/A | 9.8 CRITICAL |
| MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') may allow Unauthenticated RCE | |||||
| CVE-2024-36392 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2025-04-10 | N/A | 6.1 MEDIUM |
| MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2024-36389 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2025-04-10 | N/A | 9.8 CRITICAL |
| MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass | |||||
| CVE-2023-24505 | 1 Milesight | 2 Ncr\/camera, Ncr\/camera Firmware | 2025-01-29 | N/A | 7.5 HIGH |
| Milesight NCR/camera version 71.8.0.6-r5 discloses sensitive information through an unspecified request. | |||||
| CVE-2023-24506 | 1 Milesight | 2 Ncr\/camera, Ncr\/camera Firmware | 2025-01-29 | N/A | 7.5 HIGH |
| Milesight NCR/camera version 71.8.0.6-r5 exposes credentials through an unspecified request. | |||||
| CVE-2023-32220 | 1 Milesight | 2 Ncr\/camera, Ncr\/camera Firmware | 2025-01-06 | N/A | 9.8 CRITICAL |
| Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method. | |||||
| CVE-2024-36388 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2024-11-21 | N/A | 9.8 CRITICAL |
| MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function | |||||
| CVE-2024-36391 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2024-11-21 | N/A | 7.4 HIGH |
| MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic | |||||
| CVE-2023-47166 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-21 | N/A | N/A |
| A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2023-24018 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-10-30 | N/A | 8.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2023-25097 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-10-30 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_qos function with the attach_class variable. | |||||
| CVE-2023-43260 | 1 Milesight | 14 Ur32, Ur32 Firmware, Ur32l and 11 more | 2023-10-11 | N/A | 6.1 MEDIUM |
| Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel. | |||||
| CVE-2023-24019 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 8.1 HIGH |
| A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2023-22653 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 8.8 HIGH |
| An OS command injection vulnerability exists in the vtysh_ubus tcpdump_start_cb functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to command execution. An authenticated attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2023-25083 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the firewall_handler_set function with the ip and mac variables. | |||||
| CVE-2023-25082 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the firewall_handler_set function with the old_ip and old_mac variables. | |||||
| CVE-2023-25084 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the firewall_handler_set function with the ip, mac and description variables. | |||||