milesight

Top products

The 15 most recently published vulnerabilities affecting milesight.

• CVE-2026-20766Milesight Cameras Heap-based Buffer Overflow8.8Apr 27, 2026
• CVE-2026-32649Milesight Cameras OS Command Injection6.8Apr 27, 2026
• CVE-2026-32644Milesight Cameras Use of Hard-coded Cryptographic Key9.8Apr 27, 2026
• CVE-2026-27785Milesight Cameras Use of Hard-coded Credentials8.8Apr 27, 2026
• CVE-2026-28747Milesight Cameras Authorization Bypass Through User-Controlled Key7.1Apr 27, 2026
• CVE-2025-4043Milesight UG65-868M-EA Improper Access Control for Volatile Memory Containing Boot Code6.8May 7, 2025
• CVE-2024-36392MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')6.1Jun 2, 2024
• CVE-2024-36391MileSight DeviceHub - CWE-320: Key Management Errors9.1Jun 2, 2024
• CVE-2024-36390MileSight DeviceHub - CWE-20 Improper Input Validation7.5Jun 2, 2024
• CVE-2024-36389MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values9.8Jun 2, 2024
• CVE-2024-36388MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function10.0Jun 2, 2024
• CVE-2024-27776MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')9.8Jun 2, 2024
• CVE-2023-47166A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attac...8.8May 1, 2024
• CVE-2023-43260Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel.6.1Oct 5, 2023
• CVE-2023-43261An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.7.5Oct 4, 2023