Vulnerabilidades em MileSight
93 resultadosCVE-2023-25100HIGHMultiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf patEPSS 1.3%CVE-2023-25097HIGHMultiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf patEPSS 1.3%CVE-2023-25098HIGHMultiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf patEPSS 1.3%CVE-2023-25096HIGHMultiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf patEPSS 1.3%CVE-2023-24018HIGHA stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3EPSS 1.3%CVE-2022-3001HIGHVulnerability in Milesight Video Management Systems (VMS)EPSS 1.2%CVE-2023-30466CRITICALAuthentication Bypass Vulnerability in Milesight Network Video Recorder (NVR)EPSS 1.1%CVE-2023-30467HIGHImproper Authorization Vulnerability in Milesight Network Video Recorder (NVR)EPSS 1.1%CVE-2023-23547MEDIUMA directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially crafted nEPSS 1.1%CVE-2023-23907HIGHA directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network requestEPSS 1.1%CVE-2023-23571HIGHAn access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. A specially crafted network request caEPSS 0.9%CVE-2026-32649HIGHMilesight Cameras OS Command InjectionEPSS 0.9%CVE-2023-24019HIGHA stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. A EPSS 0.9%CVE-2023-22319HIGHA sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A specially-crafted network EPSS 0.8%CVE-2023-22844HIGHAn authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. A specially-craftEPSS 0.7%CVE-2023-24496MEDIUMCross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-EPSS 0.7%CVE-2023-24497MEDIUMCross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-EPSS 0.7%CVE-2023-47166HIGHA firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted networEPSS 0.6%CVE-2024-27776CRITICALMileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')EPSS 0.6%CVE-2023-32220HIGHMilesight NCR/Camera Authentication BypassEPSS 0.6%