Milesight: Security Vulnerabilities

Milesight NCR/camera version 71.8.0.6-r5 exposes credentials through an unspecified request.
CVSS Score: 7.5
EPSS Score: 0.002
Published: 2023-05-08

This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to improper authorization at the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the targeted device. Successful exploitation of this vulnerability could allow a remote attacker to perform unauthorized activities on the targeted device.
CVSS Score: 7.5
EPSS Score: 0.003
Published: 2023-04-28

This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to a weak password reset mechanism at the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the targeted device. Successful exploitation of this vulnerability could allow a remote attacker to take over an account on the targeted device.
CVSS Score: 9.8
EPSS Score: 0.004
Published: 2023-04-28

This vulnerability exists in Milesight Video Management Systems (VMS), all firmware versions prior to 40.7.0.79-r1, due to improper input handling at the camera's web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP request to the targeted network camera. Successful exploitation of this vulnerability could allow the attacker to cause a Denial of Service condition on the targeted device.
CVSS Score: 7.5
EPSS Score: 0.004
Published: 2022-09-15

Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.
CVSS Score: 9.8
EPSS Score: 0.035
Published: 2019-10-25

Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory.
CVSS Score: 9.8
EPSS Score: 0.008
Published: 2019-10-25

Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts.
CVSS Score: 9.8
EPSS Score: 0.008
Published: 2019-10-25

Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource.
CVSS Score: 9.8
EPSS Score: 0.006
Published: 2019-10-25

Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations.
CVSS Score: 9.8
EPSS Score: 0.008
Published: 2019-10-25

