VYPR
Vendor

Milesight

Products
13
CVEs
94
Across products
100
Status
Private

Products

13

Recent CVEs

94
View all 94 CVEs →
  • CVE-2024-36388CriJun 2, 2024
    risk 0.65cvss 10.0epss 0.00

    MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function

  • CVE-2026-32644CriApr 28, 2026
    risk 0.64cvss 9.8epss 0.00

    Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.

  • CVE-2024-36389CriJun 2, 2024
    risk 0.64cvss 9.8epss 0.01

    MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass

  • CVE-2024-27776CriJun 2, 2024
    risk 0.64cvss 9.8epss 0.01

    MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') may allow Unauthenticated RCE

  • CVE-2023-23902CriJul 6, 2023
    risk 0.64cvss 9.8epss 0.02

    A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An attacker can send a network request to trigger this vulnerability.

  • CVE-2023-30466CriApr 28, 2023
    risk 0.64cvss 9.8epss 0.01

    This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to a weak password reset mechanism at the Milesight NVR web-based management interface. A remote attacker could exploit this…

  • CVE-2016-2360CriOct 25, 2019
    risk 0.64cvss 9.8epss 0.02

    Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations.

  • CVE-2016-2359CriOct 25, 2019
    risk 0.64cvss 9.8epss 0.03

    Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource.

  • CVE-2016-2358CriOct 25, 2019
    risk 0.64cvss 9.8epss 0.02

    Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts.

  • CVE-2016-2357CriOct 25, 2019
    risk 0.64cvss 9.8epss 0.02

    Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory.

  • CVE-2016-2356CriOct 25, 2019
    risk 0.64cvss 9.8epss 0.03

    Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.

  • CVE-2024-36391CriJun 2, 2024
    risk 0.59cvss 9.1epss 0.00

    MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic

  • CVE-2023-22653HigJul 6, 2023
    risk 0.58cvss 8.8epss 0.07

    An OS command injection vulnerability exists in the vtysh_ubus tcpdump_start_cb functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to command execution. An authenticated attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2026-20766HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.

  • CVE-2026-27785HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.

  • CVE-2023-47166HigMay 1, 2024
    risk 0.57cvss 8.8epss 0.01

    A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network request to trigger this vulnerability.

  • CVE-2023-24583HigJul 6, 2023
    risk 0.57cvss 8.8epss 0.03

    Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these…

  • CVE-2023-24582HigJul 6, 2023
    risk 0.57cvss 8.8epss 0.03

    Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these…

  • CVE-2023-24520HigJul 6, 2023
    risk 0.57cvss 8.8epss 0.03

    Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This…

  • CVE-2023-24519HigJul 6, 2023
    risk 0.57cvss 8.8epss 0.03

    Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This…