Milesight: >> Ur32l Firmware >> 32.3.0.7-r2 Security Vulnerabilities
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network request to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-05-01
Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-10-05
An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.
CVSS Score
7.5
EPSS Score
0.931
Published
2023-10-04