Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
123 vulnerabilities by Milesight
CVE-2026-32649 (GCVE-0-2026-32649)
Vulnerability from nvd – Published: 2026-04-27 23:42 – Updated: 2026-04-28 14:42
VLAI
Title
Milesight Cameras OS Command Injection
Summary
A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32649",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T14:42:25.685037Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:42:37.926Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eA command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras.\u003c/span\u003e"
}
],
"value": "A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:42:44.761Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras OS Command Injection",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-32649",
"datePublished": "2026-04-27T23:42:44.761Z",
"dateReserved": "2026-03-12T17:51:09.881Z",
"dateUpdated": "2026-04-28T14:42:37.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32644 (GCVE-0-2026-32644)
Vulnerability from nvd – Published: 2026-04-27 23:40 – Updated: 2026-04-28 14:45
VLAI
Title
Milesight Cameras Use of Hard-coded Cryptographic Key
Summary
Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32644",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T14:45:03.298830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:45:19.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eSpecific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.\u003c/span\u003e"
}
],
"value": "Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:40:25.181Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras Use of Hard-coded Cryptographic Key",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-32644",
"datePublished": "2026-04-27T23:40:25.181Z",
"dateReserved": "2026-03-12T17:51:09.896Z",
"dateUpdated": "2026-04-28T14:45:19.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20766 (GCVE-0-2026-20766)
Vulnerability from nvd – Published: 2026-04-27 23:45 – Updated: 2026-04-28 14:39
VLAI
Title
Milesight Cameras Heap-based Buffer Overflow
Summary
An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T14:37:23.854997Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:39:17.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eAn out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.\u003c/span\u003e"
}
],
"value": "An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:45:52.896Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras Heap-based Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-20766",
"datePublished": "2026-04-27T23:45:52.896Z",
"dateReserved": "2026-03-12T17:51:09.860Z",
"dateUpdated": "2026-04-28T14:39:17.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27785 (GCVE-0-2026-27785)
Vulnerability from nvd – Published: 2026-04-27 23:38 – Updated: 2026-04-28 12:40
VLAI
Title
Milesight Cameras Use of Hard-coded Credentials
Summary
Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27785",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T12:40:31.458437Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T12:40:37.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eSpecific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.\u003c/span\u003e"
}
],
"value": "Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:38:10.844Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras Use of Hard-coded Credentials",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-27785",
"datePublished": "2026-04-27T23:38:10.844Z",
"dateReserved": "2026-03-12T17:51:09.903Z",
"dateUpdated": "2026-04-28T12:40:37.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-28747 (GCVE-0-2026-28747)
Vulnerability from nvd – Published: 2026-04-27 22:44 – Updated: 2026-04-28 14:35
VLAI
Title
Milesight Cameras Authorization Bypass Through User-Controlled Key
Summary
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-28747",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T13:40:48.550832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:35:33.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed.\u0026nbsp;"
}
],
"value": "A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:31:53.318Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras Authorization Bypass Through User-Controlled Key",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-28747",
"datePublished": "2026-04-27T22:44:52.012Z",
"dateReserved": "2026-03-12T17:51:09.913Z",
"dateUpdated": "2026-04-28T14:35:33.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-36392 (GCVE-0-2024-36392)
Vulnerability from nvd – Published: 2024-06-02 13:24 – Updated: 2024-08-02 03:37
VLAI
Title
MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
1 reference
Impacted products
Date Public
2024-06-02 13:10
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36392",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T14:41:35.001164Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:37.499Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:05.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeviceHub",
"vendor": "MileSight",
"versions": [
{
"lessThan": "Upgrade to the latest version.",
"status": "affected",
"version": "v3.0.1-r1 for Ubuntu 20.04",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research \u2013 Team 82"
}
],
"datePublic": "2024-06-02T13:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eMileSight DeviceHub -\u0026nbsp;CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\u003c/p\u003e\n\n"
}
],
"value": "MileSight DeviceHub -\u00a0CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-02T13:24:33.806Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2024-0161",
"discovery": "UNKNOWN"
},
"title": "MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-36392",
"datePublished": "2024-06-02T13:24:33.806Z",
"dateReserved": "2024-05-27T13:04:44.111Z",
"dateUpdated": "2024-08-02T03:37:05.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36391 (GCVE-0-2024-36391)
Vulnerability from nvd – Published: 2024-06-02 13:23 – Updated: 2024-08-02 03:37
VLAI
Title
MileSight DeviceHub - CWE-320: Key Management Errors
Summary
MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-320 - Key Management Errors
Assigner
References
1 reference
Impacted products
Date Public
2024-06-02 13:10
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "devicehub",
"vendor": "milesight",
"versions": [
{
"status": "affected",
"version": "3.0.1-r1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36391",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T18:40:16.845961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:09.204Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:04.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeviceHub",
"vendor": "MileSight",
"versions": [
{
"lessThan": "Upgrade to the latest version.",
"status": "affected",
"version": "v3.0.1-r1 for Ubuntu 20.04",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research \u2013 Team 82"
}
],
"datePublic": "2024-06-02T13:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eMileSight DeviceHub -\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic \u0026nbsp;\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "MileSight DeviceHub -\u00a0CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-320",
"description": "CWE-320: Key Management Errors",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-02T13:23:28.345Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2024-0160",
"discovery": "UNKNOWN"
},
"title": "MileSight DeviceHub - CWE-320: Key Management Errors",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-36391",
"datePublished": "2024-06-02T13:23:28.345Z",
"dateReserved": "2024-05-27T13:04:44.111Z",
"dateUpdated": "2024-08-02T03:37:04.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36390 (GCVE-0-2024-36390)
Vulnerability from nvd – Published: 2024-06-02 13:22 – Updated: 2024-08-02 03:37
VLAI
Title
MileSight DeviceHub - CWE-20 Improper Input Validation
Summary
MileSight DeviceHub - CWE-20 Improper Input Validation may allow Denial of Service
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
Date Public
2024-06-02 13:10
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "devicehub",
"vendor": "milesight",
"versions": [
{
"status": "affected",
"version": "3.0.1-r1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36390",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T15:45:42.768203Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:02.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:05.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeviceHub",
"vendor": "MileSight",
"versions": [
{
"lessThan": "Upgrade to the latest version.",
"status": "affected",
"version": "v3.0.1-r1 for Ubuntu 20.04",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research \u2013 Team 82"
}
],
"datePublic": "2024-06-02T13:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eMileSight DeviceHub -\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-20 Improper Input Validation may allow Denial of Service\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "MileSight DeviceHub -\u00a0CWE-20 Improper Input Validation may allow Denial of Service"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-02T13:22:24.377Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2024-0159",
"discovery": "UNKNOWN"
},
"title": "MileSight DeviceHub - CWE-20 Improper Input Validation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-36390",
"datePublished": "2024-06-02T13:22:24.377Z",
"dateReserved": "2024-05-27T13:04:44.110Z",
"dateUpdated": "2024-08-02T03:37:05.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36389 (GCVE-0-2024-36389)
Vulnerability from nvd – Published: 2024-06-02 13:21 – Updated: 2024-08-02 03:37
VLAI
Title
MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values
Summary
MileSight DeviceHub -
CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-330 - Use of Insufficiently Random Values
Assigner
References
1 reference
Impacted products
Date Public
2024-06-02 13:10
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "devicehub",
"vendor": "milesight",
"versions": [
{
"status": "affected",
"version": "3.0.1-r1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T15:47:51.777014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T16:24:23.066Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:04.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeviceHub",
"vendor": "MileSight",
"versions": [
{
"lessThan": "Upgrade to the latest version.",
"status": "affected",
"version": "v3.0.1-r1 for Ubuntu 20.04",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research \u2013 Team 82"
}
],
"datePublic": "2024-06-02T13:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eMileSight DeviceHub - \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-330 Use of Insufficiently Random Values may allow Authentication Bypass\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "MileSight DeviceHub - \n\n\n\n\n\nCWE-330 Use of Insufficiently Random Values may allow Authentication Bypass"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "CWE-330 Use of Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-02T13:21:11.748Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2024-0158",
"discovery": "UNKNOWN"
},
"title": "MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-36389",
"datePublished": "2024-06-02T13:21:11.748Z",
"dateReserved": "2024-05-27T13:04:44.110Z",
"dateUpdated": "2024-08-02T03:37:04.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36388 (GCVE-0-2024-36388)
Vulnerability from nvd – Published: 2024-06-02 13:14 – Updated: 2024-08-02 03:37
VLAI
Title
MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function
Summary
MileSight DeviceHub -
CWE-305 Missing Authentication for Critical Function
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-305 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
Date Public
2024-06-02 13:10
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "devicehub",
"vendor": "milesight",
"versions": [
{
"status": "affected",
"version": "3.0.1-r1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36388",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T13:49:40.486622Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:34.136Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:04.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeviceHub",
"vendor": "MileSight",
"versions": [
{
"lessThan": "Upgrade to the latest version.",
"status": "affected",
"version": "v3.0.1-r1 for Ubuntu 20.04",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research \u2013 Team 82"
}
],
"datePublic": "2024-06-02T13:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eMileSight DeviceHub - \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-305 Missing Authentication for Critical Function\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "MileSight DeviceHub - \n\n\n\nCWE-305 Missing Authentication for Critical Function"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-02T13:19:41.864Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2024-0157",
"discovery": "UNKNOWN"
},
"title": "MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-36388",
"datePublished": "2024-06-02T13:14:46.927Z",
"dateReserved": "2024-05-27T13:04:44.110Z",
"dateUpdated": "2024-08-02T03:37:04.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27776 (GCVE-0-2024-27776)
Vulnerability from nvd – Published: 2024-06-02 13:13 – Updated: 2024-08-02 00:41
VLAI
Title
MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
MileSight DeviceHub -
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') may allow Unauthenticated RCE
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
1 reference
Impacted products
Date Public
2024-06-02 13:10
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "devicehub",
"vendor": "milesight",
"versions": [
{
"status": "affected",
"version": "3.0.1-r1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T15:50:39.664911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:42.944Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:54.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeviceHub",
"vendor": "MileSight",
"versions": [
{
"lessThan": "Upgrade to the latest version.",
"status": "affected",
"version": "v3.0.1-r1 for Ubuntu 20.04",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research \u2013 Team 82"
}
],
"datePublic": "2024-06-02T13:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eMileSight DeviceHub - \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) may allow Unauthenticated RCE\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "MileSight DeviceHub - \n\nCWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) may allow Unauthenticated RCE"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-02T13:13:03.786Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2024-0156",
"discovery": "UNKNOWN"
},
"title": "MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-27776",
"datePublished": "2024-06-02T13:13:03.786Z",
"dateReserved": "2024-02-26T09:27:55.324Z",
"dateUpdated": "2024-08-02T00:41:54.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-20766 (GCVE-0-2026-20766)
Vulnerability from cvelistv5 – Published: 2026-04-27 23:45 – Updated: 2026-04-28 14:39
VLAI
Title
Milesight Cameras Heap-based Buffer Overflow
Summary
An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T14:37:23.854997Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:39:17.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eAn out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.\u003c/span\u003e"
}
],
"value": "An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:45:52.896Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras Heap-based Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-20766",
"datePublished": "2026-04-27T23:45:52.896Z",
"dateReserved": "2026-03-12T17:51:09.860Z",
"dateUpdated": "2026-04-28T14:39:17.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32649 (GCVE-0-2026-32649)
Vulnerability from cvelistv5 – Published: 2026-04-27 23:42 – Updated: 2026-04-28 14:42
VLAI
Title
Milesight Cameras OS Command Injection
Summary
A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32649",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T14:42:25.685037Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:42:37.926Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eA command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras.\u003c/span\u003e"
}
],
"value": "A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:42:44.761Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras OS Command Injection",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-32649",
"datePublished": "2026-04-27T23:42:44.761Z",
"dateReserved": "2026-03-12T17:51:09.881Z",
"dateUpdated": "2026-04-28T14:42:37.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32644 (GCVE-0-2026-32644)
Vulnerability from cvelistv5 – Published: 2026-04-27 23:40 – Updated: 2026-04-28 14:45
VLAI
Title
Milesight Cameras Use of Hard-coded Cryptographic Key
Summary
Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32644",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T14:45:03.298830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:45:19.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eSpecific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.\u003c/span\u003e"
}
],
"value": "Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:40:25.181Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras Use of Hard-coded Cryptographic Key",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-32644",
"datePublished": "2026-04-27T23:40:25.181Z",
"dateReserved": "2026-03-12T17:51:09.896Z",
"dateUpdated": "2026-04-28T14:45:19.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27785 (GCVE-0-2026-27785)
Vulnerability from cvelistv5 – Published: 2026-04-27 23:38 – Updated: 2026-04-28 12:40
VLAI
Title
Milesight Cameras Use of Hard-coded Credentials
Summary
Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27785",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T12:40:31.458437Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T12:40:37.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eSpecific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.\u003c/span\u003e"
}
],
"value": "Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:38:10.844Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras Use of Hard-coded Credentials",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-27785",
"datePublished": "2026-04-27T23:38:10.844Z",
"dateReserved": "2026-03-12T17:51:09.903Z",
"dateUpdated": "2026-04-28T12:40:37.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-28747 (GCVE-0-2026-28747)
Vulnerability from cvelistv5 – Published: 2026-04-27 22:44 – Updated: 2026-04-28 14:35
VLAI
Title
Milesight Cameras Authorization Bypass Through User-Controlled Key
Summary
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
82 products
| Vendor | Product | Version | |
|---|---|---|---|
| Milesight | MS-Cxx63-PD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx64-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx73-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx75-xxPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx83-xPD |
Affected:
0 , ≤ 51.7.0.77-r12
(custom)
|
|
| Milesight | MS-Cxx74-PA |
Affected:
0 , ≤ 3x.8.0.3-r11
(custom)
|
|
| Milesight | MS-C8477-HPG1 |
Affected:
0 , ≤ 63.8.0.4-r3
(custom)
|
|
| Milesight | MS-C8477-PC |
Affected:
0 , ≤ 48.8.0.4-r3
(custom)
|
|
| Milesight | MS-C5321-FPE |
Affected:
0 , ≤ 62.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx72-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx62-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx52-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxGPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx61-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx67-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx71-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx41-xxxPE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx76-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx65-PE |
Affected:
0 , ≤ 61.8.0.5-r2
(custom)
|
|
| Milesight | MS-Cxx66-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx62-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-Cxx72-xxxG1 |
Affected:
0 , ≤ 63.8.0.5-r3
(custom)
|
|
| Milesight | MS-CQxx31-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx68-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-CQxx72-xxxG1 |
Affected:
0 , ≤ CQ_63.8.0.5-r1
(custom)
|
|
| Milesight | MS-Nxxxx-NxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxC |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxE |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxG |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxH |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | MS-Nxxxx-xxT |
Affected:
0 , ≤ 7x.9.0.19-r5
(custom)
|
|
| Milesight | PMC8266-FPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PMC8266-FGPE |
Affected:
0 , ≤ PO_61.8.0.4_LPR
(custom)
|
|
| Milesight | PM3322-E |
Affected:
0 , ≤ PI_61.8.0.3_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-RFIVPG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4RIWG1 |
Affected:
0 , ≤ T_63.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5510-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r7
(custom)
|
|
| Milesight | TS5510-GH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS5511-GVH |
Affected:
0 , ≤ T_47.8.0.4_LPR-r6
(custom)
|
|
| Milesight | TS2966-X12TPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4PE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS2966-X12TVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RVPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS5366-X12VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4VPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RPE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4441-X36RE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS4466-X4RWE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | TS8266-X4WE |
Affected:
0 , ≤ T_61.8.0.4_LPR-r3
(custom)
|
|
| Milesight | MS-C2964-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2972-RFLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-RFLWPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2866-X4TGPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2841-X36TPC/W |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2867-X5TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS2961-X12TPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | TS8266-FPC/P |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C2966-X12RLVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5366-X12LVPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-C5361-X12LPC |
Affected:
0 , ≤ T_45.8.0.3-r9
(custom)
|
|
| Milesight | MS-Cxx66-xxxxGOPC |
Affected:
0 , ≤ 45.8.0.2-AIoT-r4
(custom)
|
|
| Milesight | SC211 |
Affected:
0 , ≤ C_21.1.0.8-r4
(custom)
|
|
| Milesight | SP111 |
Affected:
0 , ≤ 52.8.0.4-r5
(custom)
|
|
| Milesight | MS-Cxx66-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-RFIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx66-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
|
| Milesight | MS-Cxx72-FIPKG1 |
Affected:
0 , ≤ 63.8.0.4-r1-NX
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-28747",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-28T13:40:48.550832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T14:35:33.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MS-Cxx63-PD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx64-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx73-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx75-xxPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx83-xPD",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "51.7.0.77-r12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx74-PA",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "3x.8.0.3-r11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-HPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C8477-PC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "48.8.0.4-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5321-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "62.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx52-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx61-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx67-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx71-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx41-xxxPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx76-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx65-PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "61.8.0.5-r2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx62-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.5-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx31-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx68-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-CQxx72-xxxG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "CQ_63.8.0.5-r1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-NxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxG",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Nxxxx-xxT",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "7x.9.0.19-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PMC8266-FGPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PO_61.8.0.4_LPR",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PM3322-E",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-RFIVPG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4RIWG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_63.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5510-GH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5511-GVH",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_47.8.0.4_LPR-r6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4PE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2966-X12TVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RVPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS5366-X12VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4VPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RPE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4441-X36RE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS4466-X4RWE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-X4WE",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_61.8.0.4_LPR-r3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2964-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2972-RFLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-RFLWPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2866-X4TGPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2841-X36TPC/W",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2867-X5TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS2961-X12TPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TS8266-FPC/P",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C2966-X12RLVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5366-X12LVPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-C5361-X12LPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "T_45.8.0.3-r9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-xxxxGOPC",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "45.8.0.2-AIoT-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SC211",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "C_21.1.0.8-r4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SP111",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "52.8.0.4-r5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-RFIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx66-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MS-Cxx72-FIPKG1",
"vendor": "Milesight",
"versions": [
{
"lessThanOrEqual": "63.8.0.4-r1-NX",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Souvik Kandar reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed.\u0026nbsp;"
}
],
"value": "A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T23:31:53.318Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
},
{
"url": "https://www.milesight.com/support/download/firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
}
],
"value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
}
],
"source": {
"advisory": "ICSA-26-113-03",
"discovery": "EXTERNAL"
},
"title": "Milesight Cameras Authorization Bypass Through User-Controlled Key",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2026-28747",
"datePublished": "2026-04-27T22:44:52.012Z",
"dateReserved": "2026-03-12T17:51:09.913Z",
"dateUpdated": "2026-04-28T14:35:33.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-36392 (GCVE-0-2024-36392)
Vulnerability from cvelistv5 – Published: 2024-06-02 13:24 – Updated: 2024-08-02 03:37
VLAI
Title
MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
1 reference
Impacted products
Date Public
2024-06-02 13:10
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36392",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T14:41:35.001164Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:37.499Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:05.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeviceHub",
"vendor": "MileSight",
"versions": [
{
"lessThan": "Upgrade to the latest version.",
"status": "affected",
"version": "v3.0.1-r1 for Ubuntu 20.04",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research \u2013 Team 82"
}
],
"datePublic": "2024-06-02T13:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eMileSight DeviceHub -\u0026nbsp;CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\u003c/p\u003e\n\n"
}
],
"value": "MileSight DeviceHub -\u00a0CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-02T13:24:33.806Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2024-0161",
"discovery": "UNKNOWN"
},
"title": "MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-36392",
"datePublished": "2024-06-02T13:24:33.806Z",
"dateReserved": "2024-05-27T13:04:44.111Z",
"dateUpdated": "2024-08-02T03:37:05.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36391 (GCVE-0-2024-36391)
Vulnerability from cvelistv5 – Published: 2024-06-02 13:23 – Updated: 2024-08-02 03:37
VLAI
Title
MileSight DeviceHub - CWE-320: Key Management Errors
Summary
MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-320 - Key Management Errors
Assigner
References
1 reference
Impacted products
Date Public
2024-06-02 13:10
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "devicehub",
"vendor": "milesight",
"versions": [
{
"status": "affected",
"version": "3.0.1-r1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36391",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T18:40:16.845961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:09.204Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:04.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeviceHub",
"vendor": "MileSight",
"versions": [
{
"lessThan": "Upgrade to the latest version.",
"status": "affected",
"version": "v3.0.1-r1 for Ubuntu 20.04",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research \u2013 Team 82"
}
],
"datePublic": "2024-06-02T13:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eMileSight DeviceHub -\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic \u0026nbsp;\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "MileSight DeviceHub -\u00a0CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-320",
"description": "CWE-320: Key Management Errors",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-02T13:23:28.345Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2024-0160",
"discovery": "UNKNOWN"
},
"title": "MileSight DeviceHub - CWE-320: Key Management Errors",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-36391",
"datePublished": "2024-06-02T13:23:28.345Z",
"dateReserved": "2024-05-27T13:04:44.111Z",
"dateUpdated": "2024-08-02T03:37:04.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36390 (GCVE-0-2024-36390)
Vulnerability from cvelistv5 – Published: 2024-06-02 13:22 – Updated: 2024-08-02 03:37
VLAI
Title
MileSight DeviceHub - CWE-20 Improper Input Validation
Summary
MileSight DeviceHub - CWE-20 Improper Input Validation may allow Denial of Service
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
Date Public
2024-06-02 13:10
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "devicehub",
"vendor": "milesight",
"versions": [
{
"status": "affected",
"version": "3.0.1-r1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36390",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T15:45:42.768203Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:02.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:05.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeviceHub",
"vendor": "MileSight",
"versions": [
{
"lessThan": "Upgrade to the latest version.",
"status": "affected",
"version": "v3.0.1-r1 for Ubuntu 20.04",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research \u2013 Team 82"
}
],
"datePublic": "2024-06-02T13:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eMileSight DeviceHub -\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-20 Improper Input Validation may allow Denial of Service\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "MileSight DeviceHub -\u00a0CWE-20 Improper Input Validation may allow Denial of Service"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-02T13:22:24.377Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2024-0159",
"discovery": "UNKNOWN"
},
"title": "MileSight DeviceHub - CWE-20 Improper Input Validation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-36390",
"datePublished": "2024-06-02T13:22:24.377Z",
"dateReserved": "2024-05-27T13:04:44.110Z",
"dateUpdated": "2024-08-02T03:37:05.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36389 (GCVE-0-2024-36389)
Vulnerability from cvelistv5 – Published: 2024-06-02 13:21 – Updated: 2024-08-02 03:37
VLAI
Title
MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values
Summary
MileSight DeviceHub -
CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-330 - Use of Insufficiently Random Values
Assigner
References
1 reference
Impacted products
Date Public
2024-06-02 13:10
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "devicehub",
"vendor": "milesight",
"versions": [
{
"status": "affected",
"version": "3.0.1-r1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T15:47:51.777014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T16:24:23.066Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:04.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeviceHub",
"vendor": "MileSight",
"versions": [
{
"lessThan": "Upgrade to the latest version.",
"status": "affected",
"version": "v3.0.1-r1 for Ubuntu 20.04",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research \u2013 Team 82"
}
],
"datePublic": "2024-06-02T13:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eMileSight DeviceHub - \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-330 Use of Insufficiently Random Values may allow Authentication Bypass\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "MileSight DeviceHub - \n\n\n\n\n\nCWE-330 Use of Insufficiently Random Values may allow Authentication Bypass"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "CWE-330 Use of Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-02T13:21:11.748Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2024-0158",
"discovery": "UNKNOWN"
},
"title": "MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-36389",
"datePublished": "2024-06-02T13:21:11.748Z",
"dateReserved": "2024-05-27T13:04:44.110Z",
"dateUpdated": "2024-08-02T03:37:04.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36388 (GCVE-0-2024-36388)
Vulnerability from cvelistv5 – Published: 2024-06-02 13:14 – Updated: 2024-08-02 03:37
VLAI
Title
MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function
Summary
MileSight DeviceHub -
CWE-305 Missing Authentication for Critical Function
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-305 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
Date Public
2024-06-02 13:10
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "devicehub",
"vendor": "milesight",
"versions": [
{
"status": "affected",
"version": "3.0.1-r1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36388",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T13:49:40.486622Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:34.136Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:04.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeviceHub",
"vendor": "MileSight",
"versions": [
{
"lessThan": "Upgrade to the latest version.",
"status": "affected",
"version": "v3.0.1-r1 for Ubuntu 20.04",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research \u2013 Team 82"
}
],
"datePublic": "2024-06-02T13:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eMileSight DeviceHub - \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-305 Missing Authentication for Critical Function\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "MileSight DeviceHub - \n\n\n\nCWE-305 Missing Authentication for Critical Function"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-02T13:19:41.864Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2024-0157",
"discovery": "UNKNOWN"
},
"title": "MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-36388",
"datePublished": "2024-06-02T13:14:46.927Z",
"dateReserved": "2024-05-27T13:04:44.110Z",
"dateUpdated": "2024-08-02T03:37:04.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27776 (GCVE-0-2024-27776)
Vulnerability from cvelistv5 – Published: 2024-06-02 13:13 – Updated: 2024-08-02 00:41
VLAI
Title
MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
MileSight DeviceHub -
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') may allow Unauthenticated RCE
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
1 reference
Impacted products
Date Public
2024-06-02 13:10
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "devicehub",
"vendor": "milesight",
"versions": [
{
"status": "affected",
"version": "3.0.1-r1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T15:50:39.664911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:42.944Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:54.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DeviceHub",
"vendor": "MileSight",
"versions": [
{
"lessThan": "Upgrade to the latest version.",
"status": "affected",
"version": "v3.0.1-r1 for Ubuntu 20.04",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research \u2013 Team 82"
}
],
"datePublic": "2024-06-02T13:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eMileSight DeviceHub - \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) may allow Unauthenticated RCE\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "MileSight DeviceHub - \n\nCWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) may allow Unauthenticated RCE"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-02T13:13:03.786Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2024-0156",
"discovery": "UNKNOWN"
},
"title": "MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2024-27776",
"datePublished": "2024-06-02T13:13:03.786Z",
"dateReserved": "2024-02-26T09:27:55.324Z",
"dateUpdated": "2024-08-02T00:41:54.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-202310-2740
Vulnerability from variot - Updated: 2024-03-29 22:52Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202310-2740",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ur52",
"scope": "lt",
"trust": 1.0,
"vendor": "milesight",
"version": "35.3.0.7"
},
{
"model": "ur35",
"scope": "lt",
"trust": 1.0,
"vendor": "milesight",
"version": "35.3.0.7"
},
{
"model": "ur32",
"scope": "lt",
"trust": 1.0,
"vendor": "milesight",
"version": "35.3.0.7"
},
{
"model": "ur32l",
"scope": "lt",
"trust": 1.0,
"vendor": "milesight",
"version": "35.3.0.7"
},
{
"model": "ur55",
"scope": "lt",
"trust": 1.0,
"vendor": "milesight",
"version": "35.3.0.7"
},
{
"model": "ur41",
"scope": "lt",
"trust": 1.0,
"vendor": "milesight",
"version": "35.3.0.7"
},
{
"model": "ur51",
"scope": "lt",
"trust": 1.0,
"vendor": "milesight",
"version": "35.3.0.7"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-43260"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur51_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "35.3.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur51:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur52_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "35.3.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur52:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur55_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "35.3.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur55:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur32l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "35.3.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur32_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "35.3.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur32:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur35_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "35.3.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur35:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur41_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "35.3.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur41:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-43260"
}
]
},
"cve": "CVE-2023-43260",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-43260",
"trust": 1.0,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-43260"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel.",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-43260"
}
],
"trust": 1.0
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-43260",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-43260"
}
]
},
"id": "VAR-202310-2740",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5878378
},
"last_update_date": "2024-03-29T22:52:04.320000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-43260"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.0,
"url": "https://gist.github.com/win3zz/c7eda501edcf5383df32fabe00938d13"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-43260"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-43260"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-10-05T19:15:11.573000",
"db": "NVD",
"id": "CVE-2023-43260"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-10-11T17:37:27.503000",
"db": "NVD",
"id": "CVE-2023-43260"
}
]
}
}
VAR-202310-0004
Vulnerability from variot - Updated: 2024-02-07 23:22An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202310-0004",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ur35",
"scope": "lt",
"trust": 1.0,
"vendor": "milesight",
"version": "35.3.0.7"
},
{
"model": "ur32l",
"scope": "lt",
"trust": 1.0,
"vendor": "milesight",
"version": "35.3.0.7"
},
{
"model": "ur5x",
"scope": "lt",
"trust": 1.0,
"vendor": "milesight",
"version": "35.3.0.7"
},
{
"model": "ur41",
"scope": "lt",
"trust": 1.0,
"vendor": "milesight",
"version": "35.3.0.7"
},
{
"model": "ur32",
"scope": "lt",
"trust": 1.0,
"vendor": "milesight",
"version": "35.3.0.7"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-43261"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur5x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "35.3.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur51:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:milesight:ur52:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:milesight:ur55:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur32l_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "35.3.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur32_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "35.3.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur32:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur35_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "35.3.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur35:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur41_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "35.3.0.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur41:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-43261"
}
]
},
"cve": "CVE-2023-43261",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-43261",
"trust": 1.0,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-43261"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-43261"
}
],
"trust": 1.0
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-43261",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "176988",
"trust": 1.0
},
{
"db": "VULMON",
"id": "CVE-2023-43261",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-43261"
},
{
"db": "NVD",
"id": "CVE-2023-43261"
}
]
},
"id": "VAR-202310-0004",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5878378
},
"last_update_date": "2024-02-07T23:22:09.770000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "",
"trust": 0.1,
"url": "https://github.com/win3zz/cve-2023-43261 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-43261"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-532",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-43261"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "https://github.com/win3zz/cve-2023-43261"
},
{
"trust": 1.0,
"url": "http://milesight.com"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/176988/milesight-ur5x-ur32l-ur32-ur35-ur41-credential-leakage.html"
},
{
"trust": 1.0,
"url": "http://ur5x.com"
},
{
"trust": 1.0,
"url": "https://medium.com/%40win3zz/inside-the-router-how-i-accessed-industrial-routers-and-reported-the-flaws-29c34213dfdf"
},
{
"trust": 1.0,
"url": "https://support.milesight-iot.com/support/home"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-43261"
},
{
"db": "NVD",
"id": "CVE-2023-43261"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-43261"
},
{
"db": "NVD",
"id": "CVE-2023-43261"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-10-04T12:15:10.627000",
"db": "NVD",
"id": "CVE-2023-43261"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-02-05T17:15:08.780000",
"db": "NVD",
"id": "CVE-2023-43261"
}
]
}
}
VAR-202307-0171
Vulnerability from variot - Updated: 2024-01-18 23:01A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. Milesight Technology of ur32l Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Milesight UR32L is a 4G industrial router produced by China Milesight
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202307-0171",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ur32l",
"scope": "eq",
"trust": 1.0,
"vendor": "milesight",
"version": "32.3.0.5"
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.8,
"vendor": "milesight",
"version": "ur32l firmware 32.3.0.5"
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.8,
"vendor": "milesight",
"version": null
},
{
"model": "ur32l",
"scope": null,
"trust": 0.8,
"vendor": "milesight",
"version": null
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.6,
"vendor": "milesight",
"version": "v32.3.0.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65480"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019441"
},
{
"db": "NVD",
"id": "CVE-2023-24019"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-24019"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Francesco Benvenuto of Cisco Talos.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-367"
}
],
"trust": 0.6
},
"cve": "CVE-2023-24019",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2023-65480",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-24019",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-24019",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2023-24019",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2023-65480",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202307-367",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65480"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019441"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-367"
},
{
"db": "NVD",
"id": "CVE-2023-24019"
},
{
"db": "NVD",
"id": "CVE-2023-24019"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. Milesight Technology of ur32l Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Milesight UR32L is a 4G industrial router produced by China Milesight",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-24019"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019441"
},
{
"db": "CNVD",
"id": "CNVD-2023-65480"
},
{
"db": "VULMON",
"id": "CVE-2023-24019"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-24019",
"trust": 3.9
},
{
"db": "TALOS",
"id": "TALOS-2023-1718",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019441",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-65480",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202307-367",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-24019",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65480"
},
{
"db": "VULMON",
"id": "CVE-2023-24019"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019441"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-367"
},
{
"db": "NVD",
"id": "CVE-2023-24019"
}
]
},
"id": "VAR-202307-0171",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65480"
}
],
"trust": 1.1878378
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65480"
}
]
},
"last_update_date": "2024-01-18T23:01:36.987000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019441"
},
{
"db": "NVD",
"id": "CVE-2023-24019"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2023-1718"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-24019"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-24019/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65480"
},
{
"db": "VULMON",
"id": "CVE-2023-24019"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019441"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-367"
},
{
"db": "NVD",
"id": "CVE-2023-24019"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-65480"
},
{
"db": "VULMON",
"id": "CVE-2023-24019"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019441"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-367"
},
{
"db": "NVD",
"id": "CVE-2023-24019"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65480"
},
{
"date": "2023-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2023-24019"
},
{
"date": "2024-01-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-019441"
},
{
"date": "2023-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-367"
},
{
"date": "2023-07-06T15:15:11.867000",
"db": "NVD",
"id": "CVE-2023-24019"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65480"
},
{
"date": "2023-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2023-24019"
},
{
"date": "2024-01-12T08:11:00",
"db": "JVNDB",
"id": "JVNDB-2023-019441"
},
{
"date": "2023-07-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-367"
},
{
"date": "2023-08-02T15:34:21.127000",
"db": "NVD",
"id": "CVE-2023-24019"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-367"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Milesight\u00a0Technology\u00a0 of \u00a0ur32l\u00a0 Classic buffer overflow vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-367"
}
],
"trust": 0.6
}
}
VAR-202307-0253
Vulnerability from variot - Updated: 2024-01-18 23:01A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. Milesight Technology of ur32l A certificate validation vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Milesight UR32L is a 4G industrial router produced by China Milesight
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202307-0253",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ur32l",
"scope": "eq",
"trust": 1.0,
"vendor": "milesight",
"version": "32.3.0.5"
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.8,
"vendor": "milesight",
"version": "ur32l firmware 32.3.0.5"
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.8,
"vendor": "milesight",
"version": null
},
{
"model": "ur32l",
"scope": null,
"trust": 0.8,
"vendor": "milesight",
"version": null
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.6,
"vendor": "milesight",
"version": "v32.3.0.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65485"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019454"
},
{
"db": "NVD",
"id": "CVE-2023-23546"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-23546"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Francesco Benvenuto of Cisco Talos.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-356"
}
],
"trust": 0.6
},
"cve": "CVE-2023-23546",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CNVD-2023-65485",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-23546",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-23546",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2023-23546",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2023-65485",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202307-356",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65485"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019454"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-356"
},
{
"db": "NVD",
"id": "CVE-2023-23546"
},
{
"db": "NVD",
"id": "CVE-2023-23546"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. Milesight Technology of ur32l A certificate validation vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Milesight UR32L is a 4G industrial router produced by China Milesight",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-23546"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019454"
},
{
"db": "CNVD",
"id": "CNVD-2023-65485"
},
{
"db": "VULMON",
"id": "CVE-2023-23546"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-23546",
"trust": 3.9
},
{
"db": "TALOS",
"id": "TALOS-2023-1705",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019454",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-65485",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202307-356",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-23546",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65485"
},
{
"db": "VULMON",
"id": "CVE-2023-23546"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019454"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-356"
},
{
"db": "NVD",
"id": "CVE-2023-23546"
}
]
},
"id": "VAR-202307-0253",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65485"
}
],
"trust": 1.1878378
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65485"
}
]
},
"last_update_date": "2024-01-18T23:01:36.956000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.0
},
{
"problemtype": "Illegal certificate verification (CWE-295) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019454"
},
{
"db": "NVD",
"id": "CVE-2023-23546"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2023-1705"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-23546"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-23546/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/295.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65485"
},
{
"db": "VULMON",
"id": "CVE-2023-23546"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019454"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-356"
},
{
"db": "NVD",
"id": "CVE-2023-23546"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-65485"
},
{
"db": "VULMON",
"id": "CVE-2023-23546"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019454"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-356"
},
{
"db": "NVD",
"id": "CVE-2023-23546"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65485"
},
{
"date": "2023-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2023-23546"
},
{
"date": "2024-01-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-019454"
},
{
"date": "2023-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-356"
},
{
"date": "2023-07-06T15:15:11.343000",
"db": "NVD",
"id": "CVE-2023-23546"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65485"
},
{
"date": "2023-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2023-23546"
},
{
"date": "2024-01-12T08:13:00",
"db": "JVNDB",
"id": "JVNDB-2023-019454"
},
{
"date": "2023-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-356"
},
{
"date": "2023-07-13T17:10:31.897000",
"db": "NVD",
"id": "CVE-2023-23546"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-356"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Milesight\u00a0Technology\u00a0 of \u00a0ur32l\u00a0 Certificate validation vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019454"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-356"
}
],
"trust": 0.6
}
}
VAR-202307-0353
Vulnerability from variot - Updated: 2024-01-18 22:53An os command injection vulnerability exists in the libzebra.so change_hostname functionality of Milesight UR32L v32.3.0.5. A specially-crafted network packets can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability. (DoS) It may be in a state. Milesight UR32L is a 4G industrial router produced by China Milesight
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202307-0353",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ur32l",
"scope": "eq",
"trust": 1.0,
"vendor": "milesight",
"version": "32.3.0.5"
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.8,
"vendor": "milesight",
"version": "ur32l firmware 32.3.0.5"
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.8,
"vendor": "milesight",
"version": null
},
{
"model": "ur32l",
"scope": null,
"trust": 0.8,
"vendor": "milesight",
"version": null
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.6,
"vendor": "milesight",
"version": "v32.3.0.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65497"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019457"
},
{
"db": "NVD",
"id": "CVE-2023-22659"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-22659"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Francesco Benvenuto of Cisco Talos.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-417"
}
],
"trust": 0.6
},
"cve": "CVE-2023-22659",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.4,
"id": "CNVD-2023-65497",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-22659",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-22659",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2023-22659",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2023-65497",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202307-417",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65497"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019457"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-417"
},
{
"db": "NVD",
"id": "CVE-2023-22659"
},
{
"db": "NVD",
"id": "CVE-2023-22659"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An os command injection vulnerability exists in the libzebra.so change_hostname functionality of Milesight UR32L v32.3.0.5. A specially-crafted network packets can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability. (DoS) It may be in a state. Milesight UR32L is a 4G industrial router produced by China Milesight",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-22659"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019457"
},
{
"db": "CNVD",
"id": "CNVD-2023-65497"
},
{
"db": "VULMON",
"id": "CVE-2023-22659"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-22659",
"trust": 3.9
},
{
"db": "TALOS",
"id": "TALOS-2023-1699",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019457",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-65497",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202307-417",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-22659",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65497"
},
{
"db": "VULMON",
"id": "CVE-2023-22659"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019457"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-417"
},
{
"db": "NVD",
"id": "CVE-2023-22659"
}
]
},
"id": "VAR-202307-0353",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65497"
}
],
"trust": 1.1878378
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65497"
}
]
},
"last_update_date": "2024-01-18T22:53:34.373000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Milesight UR32L libzebra.so change_hostname function command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/455186"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65497"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019457"
},
{
"db": "NVD",
"id": "CVE-2023-22659"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2023-1699"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-22659"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-22659/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/77.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65497"
},
{
"db": "VULMON",
"id": "CVE-2023-22659"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019457"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-417"
},
{
"db": "NVD",
"id": "CVE-2023-22659"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-65497"
},
{
"db": "VULMON",
"id": "CVE-2023-22659"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019457"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-417"
},
{
"db": "NVD",
"id": "CVE-2023-22659"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65497"
},
{
"date": "2023-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2023-22659"
},
{
"date": "2024-01-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-019457"
},
{
"date": "2023-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-417"
},
{
"date": "2023-07-06T15:15:11.200000",
"db": "NVD",
"id": "CVE-2023-22659"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65497"
},
{
"date": "2023-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2023-22659"
},
{
"date": "2024-01-12T08:13:00",
"db": "JVNDB",
"id": "JVNDB-2023-019457"
},
{
"date": "2023-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-417"
},
{
"date": "2023-07-13T17:17:26.230000",
"db": "NVD",
"id": "CVE-2023-22659"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-417"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Milesight\u00a0Technology\u00a0 of \u00a0ur32l\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019457"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-417"
}
],
"trust": 0.6
}
}
VAR-202307-0254
Vulnerability from variot - Updated: 2024-01-18 22:52An OS command injection vulnerability exists in the vtysh_ubus tcpdump_start_cb functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to command execution. An authenticated attacker can send an HTTP request to trigger this vulnerability. (DoS) It may be in a state. Milesight UR32L is a 4G industrial router produced by China Milesight
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202307-0254",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ur32l",
"scope": "eq",
"trust": 1.0,
"vendor": "milesight",
"version": "32.3.0.5"
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.8,
"vendor": "milesight",
"version": "ur32l firmware 32.3.0.5"
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.8,
"vendor": "milesight",
"version": null
},
{
"model": "ur32l",
"scope": null,
"trust": 0.8,
"vendor": "milesight",
"version": null
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.6,
"vendor": "milesight",
"version": "v32.3.0.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65487"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019458"
},
{
"db": "NVD",
"id": "CVE-2023-22653"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-22653"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Francesco Benvenuto of Cisco Talos.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-353"
}
],
"trust": 0.6
},
"cve": "CVE-2023-22653",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-65487",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-22653",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-22653",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2023-22653",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2023-65487",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202307-353",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65487"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019458"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-353"
},
{
"db": "NVD",
"id": "CVE-2023-22653"
},
{
"db": "NVD",
"id": "CVE-2023-22653"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An OS command injection vulnerability exists in the vtysh_ubus tcpdump_start_cb functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to command execution. An authenticated attacker can send an HTTP request to trigger this vulnerability. (DoS) It may be in a state. Milesight UR32L is a 4G industrial router produced by China Milesight",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-22653"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019458"
},
{
"db": "CNVD",
"id": "CNVD-2023-65487"
},
{
"db": "VULMON",
"id": "CVE-2023-22653"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-22653",
"trust": 3.9
},
{
"db": "TALOS",
"id": "TALOS-2023-1714",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019458",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-65487",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202307-353",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-22653",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65487"
},
{
"db": "VULMON",
"id": "CVE-2023-22653"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019458"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-353"
},
{
"db": "NVD",
"id": "CVE-2023-22653"
}
]
},
"id": "VAR-202307-0254",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65487"
}
],
"trust": 1.1878378
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65487"
}
]
},
"last_update_date": "2024-01-18T22:52:35.622000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Milesight UR32L vtysh_ubus tcpdump_start_cb function command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/455141"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65487"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019458"
},
{
"db": "NVD",
"id": "CVE-2023-22653"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2023-1714"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-22653"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-22653/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65487"
},
{
"db": "VULMON",
"id": "CVE-2023-22653"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019458"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-353"
},
{
"db": "NVD",
"id": "CVE-2023-22653"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-65487"
},
{
"db": "VULMON",
"id": "CVE-2023-22653"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019458"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-353"
},
{
"db": "NVD",
"id": "CVE-2023-22653"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65487"
},
{
"date": "2023-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2023-22653"
},
{
"date": "2024-01-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-019458"
},
{
"date": "2023-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-353"
},
{
"date": "2023-07-06T15:15:11.130000",
"db": "NVD",
"id": "CVE-2023-22653"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65487"
},
{
"date": "2023-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2023-22653"
},
{
"date": "2024-01-12T08:13:00",
"db": "JVNDB",
"id": "JVNDB-2023-019458"
},
{
"date": "2023-07-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-353"
},
{
"date": "2023-08-02T15:34:59.683000",
"db": "NVD",
"id": "CVE-2023-22653"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-353"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Milesight\u00a0Technology\u00a0 of \u00a0ur32l\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019458"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-353"
}
],
"trust": 0.6
}
}
VAR-202307-0275
Vulnerability from variot - Updated: 2024-01-18 22:52Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the trace tool utility. (DoS) It may be in a state. Milesight UR32L is a 4G industrial router produced by China Milesight
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202307-0275",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ur32l",
"scope": "eq",
"trust": 1.0,
"vendor": "milesight",
"version": "32.3.0.5"
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.8,
"vendor": "milesight",
"version": "ur32l firmware 32.3.0.5"
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.8,
"vendor": "milesight",
"version": null
},
{
"model": "ur32l",
"scope": null,
"trust": 0.8,
"vendor": "milesight",
"version": null
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.6,
"vendor": "milesight",
"version": "v32.3.0.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65489"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019435"
},
{
"db": "NVD",
"id": "CVE-2023-24520"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-24520"
}
]
},
"cve": "CVE-2023-24520",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-65489",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-24520",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-24520",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2023-24520",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2023-65489",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202307-407",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65489"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019435"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-407"
},
{
"db": "NVD",
"id": "CVE-2023-24520"
},
{
"db": "NVD",
"id": "CVE-2023-24520"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the trace tool utility. (DoS) It may be in a state. Milesight UR32L is a 4G industrial router produced by China Milesight",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-24520"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019435"
},
{
"db": "CNVD",
"id": "CNVD-2023-65489"
},
{
"db": "VULMON",
"id": "CVE-2023-24520"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-24520",
"trust": 3.9
},
{
"db": "TALOS",
"id": "TALOS-2023-1706",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019435",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-65489",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202307-407",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-24520",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65489"
},
{
"db": "VULMON",
"id": "CVE-2023-24520"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019435"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-407"
},
{
"db": "NVD",
"id": "CVE-2023-24520"
}
]
},
"id": "VAR-202307-0275",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65489"
}
],
"trust": 1.1878378
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65489"
}
]
},
"last_update_date": "2024-01-18T22:52:35.593000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Milesight UR32L vtysh_ubus toolsh_excute.constprop.1 function command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/455151"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65489"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019435"
},
{
"db": "NVD",
"id": "CVE-2023-24520"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2023-1706"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-24520"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-24520/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/77.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65489"
},
{
"db": "VULMON",
"id": "CVE-2023-24520"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019435"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-407"
},
{
"db": "NVD",
"id": "CVE-2023-24520"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-65489"
},
{
"db": "VULMON",
"id": "CVE-2023-24520"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019435"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-407"
},
{
"db": "NVD",
"id": "CVE-2023-24520"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65489"
},
{
"date": "2023-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2023-24520"
},
{
"date": "2024-01-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-019435"
},
{
"date": "2023-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-407"
},
{
"date": "2023-07-06T15:15:12.180000",
"db": "NVD",
"id": "CVE-2023-24520"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65489"
},
{
"date": "2023-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2023-24520"
},
{
"date": "2024-01-12T08:11:00",
"db": "JVNDB",
"id": "JVNDB-2023-019435"
},
{
"date": "2023-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-407"
},
{
"date": "2023-07-13T18:06:51.957000",
"db": "NVD",
"id": "CVE-2023-24520"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-407"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Milesight\u00a0Technology\u00a0 of \u00a0ur32l\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019435"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-407"
}
],
"trust": 0.6
}
}
VAR-202307-0299
Vulnerability from variot - Updated: 2024-01-18 22:52Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the ping tool utility. (DoS) It may be in a state. Milesight UR32L is a 4G industrial router produced by China Milesight
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202307-0299",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ur32l",
"scope": "eq",
"trust": 1.0,
"vendor": "milesight",
"version": "32.3.0.5"
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.8,
"vendor": "milesight",
"version": "ur32l firmware 32.3.0.5"
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.8,
"vendor": "milesight",
"version": null
},
{
"model": "ur32l",
"scope": null,
"trust": 0.8,
"vendor": "milesight",
"version": null
},
{
"model": "ur32l",
"scope": "eq",
"trust": 0.6,
"vendor": "milesight",
"version": "v32.3.0.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65490"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019436"
},
{
"db": "NVD",
"id": "CVE-2023-24519"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-24519"
}
]
},
"cve": "CVE-2023-24519",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-65490",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-24519",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-24519",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2023-24519",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2023-65490",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202307-408",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65490"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019436"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-408"
},
{
"db": "NVD",
"id": "CVE-2023-24519"
},
{
"db": "NVD",
"id": "CVE-2023-24519"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the ping tool utility. (DoS) It may be in a state. Milesight UR32L is a 4G industrial router produced by China Milesight",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-24519"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019436"
},
{
"db": "CNVD",
"id": "CNVD-2023-65490"
},
{
"db": "VULMON",
"id": "CVE-2023-24519"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-24519",
"trust": 3.9
},
{
"db": "TALOS",
"id": "TALOS-2023-1706",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019436",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-65490",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202307-408",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-24519",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65490"
},
{
"db": "VULMON",
"id": "CVE-2023-24519"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019436"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-408"
},
{
"db": "NVD",
"id": "CVE-2023-24519"
}
]
},
"id": "VAR-202307-0299",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65490"
}
],
"trust": 1.1878378
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65490"
}
]
},
"last_update_date": "2024-01-18T22:52:35.565000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Milesight UR32L vtysh_ubus toolsh_excute.constprop.1 function command injection vulnerability (CNVD-2023-65490)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/455156"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65490"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019436"
},
{
"db": "NVD",
"id": "CVE-2023-24519"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2023-1706"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-24519"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-24519/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/77.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65490"
},
{
"db": "VULMON",
"id": "CVE-2023-24519"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019436"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-408"
},
{
"db": "NVD",
"id": "CVE-2023-24519"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-65490"
},
{
"db": "VULMON",
"id": "CVE-2023-24519"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-019436"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-408"
},
{
"db": "NVD",
"id": "CVE-2023-24519"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65490"
},
{
"date": "2023-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2023-24519"
},
{
"date": "2024-01-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-019436"
},
{
"date": "2023-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-408"
},
{
"date": "2023-07-06T15:15:12.107000",
"db": "NVD",
"id": "CVE-2023-24519"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65490"
},
{
"date": "2023-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2023-24519"
},
{
"date": "2024-01-12T08:11:00",
"db": "JVNDB",
"id": "JVNDB-2023-019436"
},
{
"date": "2023-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-408"
},
{
"date": "2023-07-13T18:08:24.150000",
"db": "NVD",
"id": "CVE-2023-24519"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-408"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Milesight\u00a0Technology\u00a0 of \u00a0ur32l\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-019436"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-408"
}
],
"trust": 0.6
}
}