| |
Vulnerability CVE-2023-47166
Published: 2024-05-01
| Description: |
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network request to trigger this vulnerability. |
Type:
CWE-285 (Improper Authorization)
References: |
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1852
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
