Vuldb Updates

A vulnerability classified as critical was found in Milesight UR32L 32.3.0.5. This impacts the function set_l2tp of the file vtysh_ubus of the component HTTP Request Handler. Such manipulation of the argument key leads to stack-based buffer overflow. This vulnerability is listed as CVE-2023-25113. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability has been found in Milesight UR32L 32.3.0.5 and classified as critical. Affected by this issue is the function set_gre of the file vtysh_ubus of the component HTTP Request Handler. The manipulation of the argument key leads to stack-based buffer overflow. This vulnerability is documented as CVE-2023-25111. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability was found in Milesight UR32L 32.3.0.5. It has been declared as critical. This issue affects the function set_gre of the file vtysh_ubus of the component HTTP Request Handler. Such manipulation of the argument local_ip leads to buffer overflow. This vulnerability is traded as CVE-2023-25109. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Milesight UR32L 32.3.0.5. It has been rated as critical. Impacted is the function set_openvpn_client of the file vtysh_ubus of the component HTTP Request Handler. Performing manipulation of the argument local_virtual_ip/local_virtual_mask results in stack-based buffer overflow. This vulnerability is known as CVE-2023-25117. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability categorized as critical has been discovered in Milesight UR32L 32.3.0.5. The affected element is the function set_ike_profile of the file vtysh_ubus of the component HTTP Request Handler. Executing manipulation of the argument secrets_local can lead to stack-based buffer overflow. This vulnerability is handled as CVE-2023-25121. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability, which was classified as critical, has been found in Milesight UR32L 32.3.0.5. This impacts the function set_qos of the component HTTP Request Handler. This manipulation of the argument Source causes stack-based buffer overflow. This vulnerability appears as CVE-2023-25098. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability was found in Milesight UR32L 32.3.0.5 and classified as critical. Affected by this issue is the function set_gre of the file vtysh_ubus of the component HTTP Request Handler. Executing manipulation of the argument remote_ip can lead to stack-based buffer overflow. This vulnerability is handled as CVE-2023-25108. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability was found in Milesight UR32L 32.3.0.5. It has been classified as critical. This affects the function set_gre of the file vtysh_ubus of the component HTTP Request Handler. The manipulation of the argument remote_virtual_ip leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2023-25110. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability was found in Milesight UR32L 32.3.0.5. It has been declared as critical. This vulnerability affects the function set_l2tp of the file vtysh_ubus of the component HTTP Request Handler. The manipulation of the argument remote_mask results in stack-based buffer overflow. This vulnerability was named CVE-2023-25112. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability was found in Milesight UR32L 32.3.0.5. It has been declared as critical. Affected by this issue is the function set_qos of the file vtysh_ubus of the component HTTP Request Handler. The manipulation of the argument dest results in buffer overflow. This vulnerability is known as CVE-2023-25099. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability was found in Milesight UR32L 32.3.0.5. It has been rated as critical. This affects the function set_dmvpn of the file vtysh_ubus of the component HTTP Request Handler. This manipulation of the argument gre_key causes stack-based buffer overflow. This vulnerability is handled as CVE-2023-25101. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability identified as critical has been detected in Milesight UR32L 32.3.0.5. This issue affects the function set_dmvpn of the file vtysh_ubus of the component HTTP Handler. Performing manipulation of the argument gre_ip/gre_mask results in buffer overflow. This vulnerability was named CVE-2023-25103. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability labeled as critical has been found in Milesight UR32L 32.3.0.5. Impacted is the function set_dmvpn of the file vtysh_ubus of the component HTTP Request Handler. Executing manipulation of the argument hub_gre_ip can lead to buffer overflow. The identification of this vulnerability is CVE-2023-25102. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability described as critical has been identified in Milesight UR32L 32.3.0.5. The impacted element is the function set_qos of the file vtysh_ubus of the component HTTP Request Handler. The manipulation of the argument default_class results in stack-based buffer overflow. This vulnerability is identified as CVE-2023-25100. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability classified as critical has been found in Milesight UR32L 32.3.0.5. This affects the function set_openvpn_client of the file vtysh_ubus of the component HTTP Request Handler. This manipulation of the argument expert_options causes stack-based buffer overflow. This vulnerability is tracked as CVE-2023-25114. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability, which was classified as critical, was found in Milesight UR32L 32.3.0.5. Affected by this vulnerability is the function set_ike_profile of the file vtysh_ubus of the component HTTP Request Handler. Executing manipulation of the argument username/password can lead to stack-based buffer overflow. This vulnerability is registered as CVE-2023-25104. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability was found in Milesight UR32L 32.3.0.5 and classified as critical. This affects the function set_openvpn_client of the file vtysh_ubus of the component HTTP Request Handler. The manipulation of the argument remote_virtual_ip results in stack-based buffer overflow. This vulnerability is reported as CVE-2023-25116. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability was found in Milesight UR32L 32.3.0.5. It has been classified as critical. This vulnerability affects the function set_gre of the file vtysh_ubus of the component HTTP Request Handler. This manipulation of the argument local_virtual_ip/local_virtual_mask causes buffer overflow. This vulnerability appears as CVE-2023-25106. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability identified as critical has been detected in Milesight UR32L 32.3.0.5. Affected by this issue is the function firewall_handler_set of the file vtysh_ubus of the component HTTP Request Handler. This manipulation of the argument index/to_dport causes buffer overflow. The identification of this vulnerability is CVE-2023-25087. The attack needs to be done within the local network. Furthermore, there is an exploit available.

A vulnerability labeled as critical has been found in Milesight UR32L 32.3.0.5. This affects the function firewall_handler_set of the file vtysh_ubus of the component HTTP Request Handler. Such manipulation of the argument index/description leads to stack-based buffer overflow. This vulnerability is referenced as CVE-2023-25088. It is possible to launch the attack remotely. Furthermore, an exploit is available.