Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

93 vulnerabilities by milesight

CVE-2026-20766 (GCVE-0-2026-20766)

Vulnerability from cvelistv5 – Published: 2026-04-27 23:45 – Updated: 2026-04-28 14:39
VLAI?
Title
Milesight Cameras Heap-based Buffer Overflow
Summary
An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.
Severity ?
8.6 (High)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Milesight MS-Cxx63-PD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx64-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx73-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx75-xxPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx83-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx74-PA Affected: 0 , ≤ 3x.8.0.3-r11 (custom)
Create a notification for this product.
    Milesight MS-C8477-HPG1 Affected: 0 , ≤ 63.8.0.4-r3 (custom)
Create a notification for this product.
    Milesight MS-C8477-PC Affected: 0 , ≤ 48.8.0.4-r3 (custom)
Create a notification for this product.
    Milesight MS-C5321-FPE Affected: 0 , ≤ 62.8.0.4-r5 (custom)
Create a notification for this product.
    Milesight MS-Cxx72-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx62-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx52-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxGPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx61-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx67-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx71-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx41-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx76-PE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx65-PE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-Cxx62-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-Cxx72-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-CQxx31-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-CQxx68-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-CQxx72-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-NxE Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxC Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxE Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxG Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxH Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxT Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight PMC8266-FPE Affected: 0 , ≤ PO_61.8.0.4_LPR (custom)
Create a notification for this product.
    Milesight PMC8266-FGPE Affected: 0 , ≤ PO_61.8.0.4_LPR (custom)
Create a notification for this product.
    Milesight PM3322-E Affected: 0 , ≤ PI_61.8.0.3_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-RFIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-RFIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIWG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIWG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5510-GVH Affected: 0 , ≤ T_47.8.0.4_LPR-r7 (custom)
Create a notification for this product.
    Milesight TS5510-GH Affected: 0 , ≤ T_47.8.0.4_LPR-r6 (custom)
Create a notification for this product.
    Milesight TS5511-GVH Affected: 0 , ≤ T_47.8.0.4_LPR-r6 (custom)
Create a notification for this product.
    Milesight TS2966-X12TPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12PE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4PE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS2966-X12TVPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RVPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12VPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4VPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4441-X36RPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4441-X36RE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RWE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4WE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight MS-C2964-RFLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2972-RFLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-RFLWPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TGPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2841-X36TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2841-X36TPC/W Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2867-X5TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2961-X12TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS8266-FPC/P Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-X12RLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-X12RLVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5366-X12LPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5366-X12LVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5361-X12LPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxxGOPC Affected: 0 , ≤ 45.8.0.2-AIoT-r4 (custom)
Create a notification for this product.
    Milesight SC211 Affected: 0 , ≤ C_21.1.0.8-r4 (custom)
Create a notification for this product.
    Milesight SP111 Affected: 0 , ≤ 52.8.0.4-r5 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-RFIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx72-RFIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx66-FIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx72-FIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
Credits
Souvik Kandar reported these vulnerabilities to CISA
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-20766",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-28T14:37:23.854997Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-28T14:39:17.799Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx63-PD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx64-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx73-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx75-xxPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx83-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx74-PA",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "3x.8.0.3-r11",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C8477-HPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C8477-PC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "48.8.0.4-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5321-FPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "62.8.0.4-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx62-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx52-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxGPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx61-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx67-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx71-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx41-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx76-PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx65-PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx62-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx31-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx68-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx72-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-NxE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxG",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxT",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PMC8266-FPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PO_61.8.0.4_LPR",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PMC8266-FGPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PO_61.8.0.4_LPR",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PM3322-E",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-RFIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-RFIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIWG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIWG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5510-GVH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5510-GH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5511-GVH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2966-X12TPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2966-X12TVPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RVPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12VPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4VPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4441-X36RPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4441-X36RE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RWE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4WE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2964-RFLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2972-RFLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-RFLWPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TGPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2841-X36TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2841-X36TPC/W",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2867-X5TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2961-X12TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-FPC/P",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-X12RLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-X12RLVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5366-X12LPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5366-X12LVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5361-X12LPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxxGOPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "45.8.0.2-AIoT-r4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SC211",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "C_21.1.0.8-r4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SP111",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "52.8.0.4-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-RFIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-RFIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-FIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-FIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Souvik Kandar reported these vulnerabilities to CISA"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003eAn out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.\u003c/span\u003e"
            }
          ],
          "value": "An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-27T23:45:52.896Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
        },
        {
          "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
        },
        {
          "url": "https://www.milesight.com/support/download/firmware"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
            }
          ],
          "value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
            }
          ],
          "value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
        }
      ],
      "source": {
        "advisory": "ICSA-26-113-03",
        "discovery": "EXTERNAL"
      },
      "title": "Milesight Cameras Heap-based Buffer Overflow",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2026-20766",
    "datePublished": "2026-04-27T23:45:52.896Z",
    "dateReserved": "2026-03-12T17:51:09.860Z",
    "dateUpdated": "2026-04-28T14:39:17.799Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-32649 (GCVE-0-2026-32649)

Vulnerability from cvelistv5 – Published: 2026-04-27 23:42 – Updated: 2026-04-28 14:42
VLAI?
Title
Milesight Cameras OS Command Injection
Summary
A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras.
Severity ?
7.3 (High)
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
6.8 (Medium)
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Milesight MS-Cxx63-PD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx64-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx73-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx75-xxPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx83-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx74-PA Affected: 0 , ≤ 3x.8.0.3-r11 (custom)
Create a notification for this product.
    Milesight MS-C8477-HPG1 Affected: 0 , ≤ 63.8.0.4-r3 (custom)
Create a notification for this product.
    Milesight MS-C8477-PC Affected: 0 , ≤ 48.8.0.4-r3 (custom)
Create a notification for this product.
    Milesight MS-C5321-FPE Affected: 0 , ≤ 62.8.0.4-r5 (custom)
Create a notification for this product.
    Milesight MS-Cxx72-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx62-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx52-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxGPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx61-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx67-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx71-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx41-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx76-PE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx65-PE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-Cxx62-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-Cxx72-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-CQxx31-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-CQxx68-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-CQxx72-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-NxE Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxC Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxE Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxG Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxH Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxT Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight PMC8266-FPE Affected: 0 , ≤ PO_61.8.0.4_LPR (custom)
Create a notification for this product.
    Milesight PMC8266-FGPE Affected: 0 , ≤ PO_61.8.0.4_LPR (custom)
Create a notification for this product.
    Milesight PM3322-E Affected: 0 , ≤ PI_61.8.0.3_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-RFIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-RFIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIWG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIWG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5510-GVH Affected: 0 , ≤ T_47.8.0.4_LPR-r7 (custom)
Create a notification for this product.
    Milesight TS5510-GH Affected: 0 , ≤ T_47.8.0.4_LPR-r6 (custom)
Create a notification for this product.
    Milesight TS5511-GVH Affected: 0 , ≤ T_47.8.0.4_LPR-r6 (custom)
Create a notification for this product.
    Milesight TS2966-X12TPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12PE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4PE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS2966-X12TVPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RVPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12VPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4VPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4441-X36RPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4441-X36RE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RWE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4WE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight MS-C2964-RFLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2972-RFLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-RFLWPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TGPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2841-X36TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2841-X36TPC/W Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2867-X5TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2961-X12TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS8266-FPC/P Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-X12RLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-X12RLVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5366-X12LPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5366-X12LVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5361-X12LPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxxGOPC Affected: 0 , ≤ 45.8.0.2-AIoT-r4 (custom)
Create a notification for this product.
    Milesight SC211 Affected: 0 , ≤ C_21.1.0.8-r4 (custom)
Create a notification for this product.
    Milesight SP111 Affected: 0 , ≤ 52.8.0.4-r5 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-RFIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx72-RFIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx66-FIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx72-FIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
Credits
Souvik Kandar reported these vulnerabilities to CISA
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-32649",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-28T14:42:25.685037Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-28T14:42:37.926Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx63-PD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx64-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx73-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx75-xxPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx83-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx74-PA",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "3x.8.0.3-r11",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C8477-HPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C8477-PC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "48.8.0.4-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5321-FPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "62.8.0.4-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx62-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx52-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxGPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx61-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx67-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx71-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx41-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx76-PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx65-PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx62-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx31-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx68-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx72-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-NxE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxG",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxT",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PMC8266-FPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PO_61.8.0.4_LPR",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PMC8266-FGPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PO_61.8.0.4_LPR",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PM3322-E",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-RFIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-RFIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIWG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIWG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5510-GVH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5510-GH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5511-GVH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2966-X12TPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2966-X12TVPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RVPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12VPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4VPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4441-X36RPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4441-X36RE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RWE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4WE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2964-RFLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2972-RFLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-RFLWPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TGPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2841-X36TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2841-X36TPC/W",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2867-X5TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2961-X12TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-FPC/P",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-X12RLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-X12RLVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5366-X12LPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5366-X12LVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5361-X12LPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxxGOPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "45.8.0.2-AIoT-r4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SC211",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "C_21.1.0.8-r4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SP111",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "52.8.0.4-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-RFIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-RFIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-FIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-FIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Souvik Kandar reported these vulnerabilities to CISA"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003eA command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras.\u003c/span\u003e"
            }
          ],
          "value": "A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-27T23:42:44.761Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
        },
        {
          "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
        },
        {
          "url": "https://www.milesight.com/support/download/firmware"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
            }
          ],
          "value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
            }
          ],
          "value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
        }
      ],
      "source": {
        "advisory": "ICSA-26-113-03",
        "discovery": "EXTERNAL"
      },
      "title": "Milesight Cameras OS Command Injection",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2026-32649",
    "datePublished": "2026-04-27T23:42:44.761Z",
    "dateReserved": "2026-03-12T17:51:09.881Z",
    "dateUpdated": "2026-04-28T14:42:37.926Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-32644 (GCVE-0-2026-32644)

Vulnerability from cvelistv5 – Published: 2026-04-27 23:40 – Updated: 2026-04-28 14:45
VLAI?
Title
Milesight Cameras Use of Hard-coded Cryptographic Key
Summary
Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.
Severity ?
9.2 (Critical)
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Milesight MS-Cxx63-PD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx64-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx73-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx75-xxPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx83-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx74-PA Affected: 0 , ≤ 3x.8.0.3-r11 (custom)
Create a notification for this product.
    Milesight MS-C8477-HPG1 Affected: 0 , ≤ 63.8.0.4-r3 (custom)
Create a notification for this product.
    Milesight MS-C8477-PC Affected: 0 , ≤ 48.8.0.4-r3 (custom)
Create a notification for this product.
    Milesight MS-C5321-FPE Affected: 0 , ≤ 62.8.0.4-r5 (custom)
Create a notification for this product.
    Milesight MS-Cxx72-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx62-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx52-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxGPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx61-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx67-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx71-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx41-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx76-PE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx65-PE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-Cxx62-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-Cxx72-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-CQxx31-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-CQxx68-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-CQxx72-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-NxE Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxC Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxE Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxG Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxH Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxT Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight PMC8266-FPE Affected: 0 , ≤ PO_61.8.0.4_LPR (custom)
Create a notification for this product.
    Milesight PMC8266-FGPE Affected: 0 , ≤ PO_61.8.0.4_LPR (custom)
Create a notification for this product.
    Milesight PM3322-E Affected: 0 , ≤ PI_61.8.0.3_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-RFIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-RFIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIWG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIWG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5510-GVH Affected: 0 , ≤ T_47.8.0.4_LPR-r7 (custom)
Create a notification for this product.
    Milesight TS5510-GH Affected: 0 , ≤ T_47.8.0.4_LPR-r6 (custom)
Create a notification for this product.
    Milesight TS5511-GVH Affected: 0 , ≤ T_47.8.0.4_LPR-r6 (custom)
Create a notification for this product.
    Milesight TS2966-X12TPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12PE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4PE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS2966-X12TVPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RVPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12VPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4VPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4441-X36RPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4441-X36RE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RWE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4WE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight MS-C2964-RFLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2972-RFLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-RFLWPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TGPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2841-X36TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2841-X36TPC/W Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2867-X5TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2961-X12TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS8266-FPC/P Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-X12RLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-X12RLVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5366-X12LPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5366-X12LVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5361-X12LPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxxGOPC Affected: 0 , ≤ 45.8.0.2-AIoT-r4 (custom)
Create a notification for this product.
    Milesight SC211 Affected: 0 , ≤ C_21.1.0.8-r4 (custom)
Create a notification for this product.
    Milesight SP111 Affected: 0 , ≤ 52.8.0.4-r5 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-RFIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx72-RFIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx66-FIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx72-FIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
Credits
Souvik Kandar reported these vulnerabilities to CISA
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-32644",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-28T14:45:03.298830Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-28T14:45:19.107Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx63-PD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx64-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx73-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx75-xxPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx83-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx74-PA",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "3x.8.0.3-r11",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C8477-HPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C8477-PC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "48.8.0.4-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5321-FPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "62.8.0.4-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx62-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx52-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxGPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx61-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx67-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx71-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx41-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx76-PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx65-PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx62-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx31-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx68-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx72-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-NxE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxG",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxT",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PMC8266-FPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PO_61.8.0.4_LPR",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PMC8266-FGPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PO_61.8.0.4_LPR",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PM3322-E",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-RFIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-RFIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIWG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIWG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5510-GVH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5510-GH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5511-GVH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2966-X12TPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2966-X12TVPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RVPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12VPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4VPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4441-X36RPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4441-X36RE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RWE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4WE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2964-RFLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2972-RFLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-RFLWPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TGPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2841-X36TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2841-X36TPC/W",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2867-X5TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2961-X12TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-FPC/P",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-X12RLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-X12RLVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5366-X12LPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5366-X12LVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5361-X12LPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxxGOPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "45.8.0.2-AIoT-r4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SC211",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "C_21.1.0.8-r4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SP111",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "52.8.0.4-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-RFIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-RFIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-FIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-FIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Souvik Kandar reported these vulnerabilities to CISA"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003eSpecific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.\u003c/span\u003e"
            }
          ],
          "value": "Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.2,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-27T23:40:25.181Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
        },
        {
          "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
        },
        {
          "url": "https://www.milesight.com/support/download/firmware"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
            }
          ],
          "value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
            }
          ],
          "value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
        }
      ],
      "source": {
        "advisory": "ICSA-26-113-03",
        "discovery": "EXTERNAL"
      },
      "title": "Milesight Cameras Use of Hard-coded Cryptographic Key",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2026-32644",
    "datePublished": "2026-04-27T23:40:25.181Z",
    "dateReserved": "2026-03-12T17:51:09.896Z",
    "dateUpdated": "2026-04-28T14:45:19.107Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-27785 (GCVE-0-2026-27785)

Vulnerability from cvelistv5 – Published: 2026-04-27 23:38 – Updated: 2026-04-28 12:40
VLAI?
Title
Milesight Cameras Use of Hard-coded Credentials
Summary
Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.
Severity ?
7.7 (High)
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.8 (High)
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Milesight MS-Cxx63-PD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx64-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx73-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx75-xxPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx83-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx74-PA Affected: 0 , ≤ 3x.8.0.3-r11 (custom)
Create a notification for this product.
    Milesight MS-C8477-HPG1 Affected: 0 , ≤ 63.8.0.4-r3 (custom)
Create a notification for this product.
    Milesight MS-C8477-PC Affected: 0 , ≤ 48.8.0.4-r3 (custom)
Create a notification for this product.
    Milesight MS-C5321-FPE Affected: 0 , ≤ 62.8.0.4-r5 (custom)
Create a notification for this product.
    Milesight MS-Cxx72-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx62-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx52-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxGPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx61-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx67-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx71-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx41-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx76-PE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx65-PE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-Cxx62-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-Cxx72-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-CQxx31-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-CQxx68-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-CQxx72-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-NxE Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxC Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxE Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxG Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxH Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxT Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight PMC8266-FPE Affected: 0 , ≤ PO_61.8.0.4_LPR (custom)
Create a notification for this product.
    Milesight PMC8266-FGPE Affected: 0 , ≤ PO_61.8.0.4_LPR (custom)
Create a notification for this product.
    Milesight PM3322-E Affected: 0 , ≤ PI_61.8.0.3_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-RFIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-RFIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIWG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIWG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5510-GVH Affected: 0 , ≤ T_47.8.0.4_LPR-r7 (custom)
Create a notification for this product.
    Milesight TS5510-GH Affected: 0 , ≤ T_47.8.0.4_LPR-r6 (custom)
Create a notification for this product.
    Milesight TS5511-GVH Affected: 0 , ≤ T_47.8.0.4_LPR-r6 (custom)
Create a notification for this product.
    Milesight TS2966-X12TPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12PE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4PE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS2966-X12TVPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RVPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12VPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4VPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4441-X36RPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4441-X36RE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RWE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4WE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight MS-C2964-RFLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2972-RFLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-RFLWPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TGPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2841-X36TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2841-X36TPC/W Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2867-X5TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2961-X12TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS8266-FPC/P Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-X12RLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-X12RLVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5366-X12LPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5366-X12LVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5361-X12LPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxxGOPC Affected: 0 , ≤ 45.8.0.2-AIoT-r4 (custom)
Create a notification for this product.
    Milesight SC211 Affected: 0 , ≤ C_21.1.0.8-r4 (custom)
Create a notification for this product.
    Milesight SP111 Affected: 0 , ≤ 52.8.0.4-r5 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-RFIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx72-RFIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx66-FIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx72-FIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
Credits
Souvik Kandar reported these vulnerabilities to CISA
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-27785",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-28T12:40:31.458437Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-28T12:40:37.832Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx63-PD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx64-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx73-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx75-xxPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx83-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx74-PA",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "3x.8.0.3-r11",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C8477-HPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C8477-PC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "48.8.0.4-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5321-FPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "62.8.0.4-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx62-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx52-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxGPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx61-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx67-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx71-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx41-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx76-PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx65-PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx62-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx31-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx68-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx72-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-NxE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxG",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxT",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PMC8266-FPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PO_61.8.0.4_LPR",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PMC8266-FGPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PO_61.8.0.4_LPR",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PM3322-E",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-RFIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-RFIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIWG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIWG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5510-GVH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5510-GH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5511-GVH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2966-X12TPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2966-X12TVPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RVPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12VPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4VPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4441-X36RPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4441-X36RE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RWE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4WE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2964-RFLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2972-RFLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-RFLWPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TGPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2841-X36TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2841-X36TPC/W",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2867-X5TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2961-X12TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-FPC/P",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-X12RLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-X12RLVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5366-X12LPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5366-X12LVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5361-X12LPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxxGOPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "45.8.0.2-AIoT-r4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SC211",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "C_21.1.0.8-r4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SP111",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "52.8.0.4-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-RFIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-RFIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-FIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-FIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Souvik Kandar reported these vulnerabilities to CISA"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003eSpecific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.\u003c/span\u003e"
            }
          ],
          "value": "Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-27T23:38:10.844Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
        },
        {
          "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
        },
        {
          "url": "https://www.milesight.com/support/download/firmware"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
            }
          ],
          "value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
            }
          ],
          "value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
        }
      ],
      "source": {
        "advisory": "ICSA-26-113-03",
        "discovery": "EXTERNAL"
      },
      "title": "Milesight Cameras Use of Hard-coded Credentials",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2026-27785",
    "datePublished": "2026-04-27T23:38:10.844Z",
    "dateReserved": "2026-03-12T17:51:09.903Z",
    "dateUpdated": "2026-04-28T12:40:37.832Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-28747 (GCVE-0-2026-28747)

Vulnerability from cvelistv5 – Published: 2026-04-27 22:44 – Updated: 2026-04-28 14:35
VLAI?
Title
Milesight Cameras Authorization Bypass Through User-Controlled Key
Summary
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed.
Severity ?
7.3 (High)
CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.1 (High)
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Milesight MS-Cxx63-PD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx64-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx73-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx75-xxPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx83-xPD Affected: 0 , ≤ 51.7.0.77-r12 (custom)
Create a notification for this product.
    Milesight MS-Cxx74-PA Affected: 0 , ≤ 3x.8.0.3-r11 (custom)
Create a notification for this product.
    Milesight MS-C8477-HPG1 Affected: 0 , ≤ 63.8.0.4-r3 (custom)
Create a notification for this product.
    Milesight MS-C8477-PC Affected: 0 , ≤ 48.8.0.4-r3 (custom)
Create a notification for this product.
    Milesight MS-C5321-FPE Affected: 0 , ≤ 62.8.0.4-r5 (custom)
Create a notification for this product.
    Milesight MS-Cxx72-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx62-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx52-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxGPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx61-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx67-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx71-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx41-xxxPE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx76-PE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx65-PE Affected: 0 , ≤ 61.8.0.5-r2 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-Cxx62-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-Cxx72-xxxG1 Affected: 0 , ≤ 63.8.0.5-r3 (custom)
Create a notification for this product.
    Milesight MS-CQxx31-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-CQxx68-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-CQxx72-xxxG1 Affected: 0 , ≤ CQ_63.8.0.5-r1 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-NxE Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxC Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxE Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxG Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxH Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight MS-Nxxxx-xxT Affected: 0 , ≤ 7x.9.0.19-r5 (custom)
Create a notification for this product.
    Milesight PMC8266-FPE Affected: 0 , ≤ PO_61.8.0.4_LPR (custom)
Create a notification for this product.
    Milesight PMC8266-FGPE Affected: 0 , ≤ PO_61.8.0.4_LPR (custom)
Create a notification for this product.
    Milesight PM3322-E Affected: 0 , ≤ PI_61.8.0.3_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-RFIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-RFIVPG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RIWG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4RIWG1 Affected: 0 , ≤ T_63.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5510-GVH Affected: 0 , ≤ T_47.8.0.4_LPR-r7 (custom)
Create a notification for this product.
    Milesight TS5510-GH Affected: 0 , ≤ T_47.8.0.4_LPR-r6 (custom)
Create a notification for this product.
    Milesight TS5511-GVH Affected: 0 , ≤ T_47.8.0.4_LPR-r6 (custom)
Create a notification for this product.
    Milesight TS2966-X12TPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12PE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4PE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS2966-X12TVPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RVPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS5366-X12VPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4VPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4441-X36RPE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4441-X36RE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS4466-X4RWE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight TS8266-X4WE Affected: 0 , ≤ T_61.8.0.4_LPR-r3 (custom)
Create a notification for this product.
    Milesight MS-C2964-RFLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2972-RFLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-RFLWPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2866-X4TGPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2841-X36TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2841-X36TPC/W Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2867-X5TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS2961-X12TPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight TS8266-FPC/P Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-X12RLPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C2966-X12RLVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5366-X12LPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5366-X12LVPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-C5361-X12LPC Affected: 0 , ≤ T_45.8.0.3-r9 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-xxxxGOPC Affected: 0 , ≤ 45.8.0.2-AIoT-r4 (custom)
Create a notification for this product.
    Milesight SC211 Affected: 0 , ≤ C_21.1.0.8-r4 (custom)
Create a notification for this product.
    Milesight SP111 Affected: 0 , ≤ 52.8.0.4-r5 (custom)
Create a notification for this product.
    Milesight MS-Cxx66-RFIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx72-RFIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx66-FIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
    Milesight MS-Cxx72-FIPKG1 Affected: 0 , ≤ 63.8.0.4-r1-NX (custom)
Create a notification for this product.
Credits
Souvik Kandar reported these vulnerabilities to CISA
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-28747",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-28T13:40:48.550832Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-28T14:35:33.191Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx63-PD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx64-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx73-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx75-xxPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx83-xPD",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "51.7.0.77-r12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx74-PA",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "3x.8.0.3-r11",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C8477-HPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C8477-PC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "48.8.0.4-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5321-FPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "62.8.0.4-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx62-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx52-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxGPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx61-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx67-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx71-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx41-xxxPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx76-PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx65-PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "61.8.0.5-r2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx62-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.5-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx31-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx68-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-CQxx72-xxxG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "CQ_63.8.0.5-r1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-NxE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxG",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Nxxxx-xxT",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "7x.9.0.19-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PMC8266-FPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PO_61.8.0.4_LPR",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PMC8266-FGPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PO_61.8.0.4_LPR",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PM3322-E",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "PI_61.8.0.3_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-RFIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-RFIVPG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RIWG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4RIWG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_63.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5510-GVH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5510-GH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5511-GVH",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_47.8.0.4_LPR-r6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2966-X12TPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4PE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2966-X12TVPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RVPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS5366-X12VPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4VPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4441-X36RPE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4441-X36RE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS4466-X4RWE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-X4WE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_61.8.0.4_LPR-r3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2964-RFLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2972-RFLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-RFLWPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2866-X4TGPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2841-X36TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2841-X36TPC/W",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2867-X5TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS2961-X12TPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TS8266-FPC/P",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-X12RLPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C2966-X12RLVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5366-X12LPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5366-X12LVPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-C5361-X12LPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "T_45.8.0.3-r9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-xxxxGOPC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "45.8.0.2-AIoT-r4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SC211",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "C_21.1.0.8-r4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SP111",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "52.8.0.4-r5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-RFIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-RFIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx66-FIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MS-Cxx72-FIPKG1",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThanOrEqual": "63.8.0.4-r1-NX",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Souvik Kandar reported these vulnerabilities to CISA"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed.\u0026nbsp;"
            }
          ],
          "value": "A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-639",
              "description": "CWE-639",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-27T23:31:53.318Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03"
        },
        {
          "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-113-03.json"
        },
        {
          "url": "https://www.milesight.com/support/download/firmware"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMilesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u0026nbsp;\u003cbr\u003e\u003ca href=\"https://www.milesight.com/support/download/firmware\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMS-Cxx63-PD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx64-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx73-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx75-xxPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx83-xPD: Update to 51.7.0.77-r13\u003c/p\u003e\u003cp\u003eMS-Cxx74-PA: Update to 3x.8.0.3-r13\u003c/p\u003e\u003cp\u003eMS-C8477-HPG1: Update to 63.8.0.4-r4\u003c/p\u003e\u003cp\u003e\u0026nbsp;MS-C8477-PC: Update to 48.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C5321-FPE: Update to 62.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx76-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx65-PE: Update to 61.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\u003c/p\u003e\u003cp\u003eMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u0026nbsp;\u003c/p\u003e\u003cp\u003eMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\u003c/p\u003e\u003cp\u003eMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003eMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\u003c/p\u003e\u003cp\u003ePMC8266-FPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePMC8266-FGPE: Update to PO_61.8.0.4-r1\u003c/p\u003e\u003cp\u003ePM3322-E: Update to PI_61.8.0.3-r5\u003c/p\u003e\u003cp\u003eTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u0026nbsp;\u003c/p\u003e\u003cp\u003eTS5366-X12RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-RFIVPG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4RIWG1: Update to T_63.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5510-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5510-GH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS5511-GVH: Update to T_47.8.0.4-r8\u003c/p\u003e\u003cp\u003eTS2966-X12TPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4PE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS2966-X12TVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RVPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS5366-X12VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4VPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RPE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4441-X36RE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS4466-X4RWE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eTS8266-X4WE: Update to T_61.8.0.4-r4\u003c/p\u003e\u003cp\u003eMS-C2964-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2972-RFLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2866-X4TGPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2841-X36TPC/W: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2867-X5TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS2961-X12TPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eTS8266-FPC/P: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-C5361-X12LPC: Update to T_45.8.0.3-r10\u003c/p\u003e\u003cp\u003eMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\u003c/p\u003e\u003cp\u003eSC211: Update to C_21.1.0.8-r5\u003c/p\u003e\u003cp\u003eSP111: Update to 52.8.0.4-r6\u003c/p\u003e\u003cp\u003eMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e\u003cp\u003eMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX\u003c/p\u003e"
            }
          ],
          "value": "Milesight advises all users to update their device to the latest firmware versions of PE/PC/PA found at https://www.milesight.com/support/download/firmware.\u00a0\n https://www.milesight.com/support/download/firmware \n\nMS-Cxx63-PD: Update to 51.7.0.77-r13\n\nMS-Cxx64-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx73-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx75-xxPD: Update to 51.7.0.77-r13\n\nMS-Cxx83-xPD: Update to 51.7.0.77-r13\n\nMS-Cxx74-PA: Update to 3x.8.0.3-r13\n\nMS-C8477-HPG1: Update to 63.8.0.4-r4\n\n\u00a0MS-C8477-PC: Update to 48.8.0.4-r4\n\nMS-C5321-FPE: Update to 62.8.0.4-r6\n\nMS-Cxx72-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx62-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx52-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxGPE: Update to 61.8.0.5-r2\n\nMS-Cxx61-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx67-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx71-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx41-xxxPE: Update to 61.8.0.5-r2\n\nMS-Cxx76-PE: Update to 61.8.0.5-r2\n\nMS-Cxx65-PE: Update to 61.8.0.5-r2\n\nMS-Cxx66-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx62-xxxG1: Update to 63.8.0.5-r4\n\nMS-Cxx72-xxxG1: Update to 63.8.0.5-r4\n\nMS-CQxx31-xxxG1: Update to CQ_63.8.0.5-r2\u00a0\n\nMS-CQxx68-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-CQxx72-xxxG1: Update to CQ_63.8.0.5-r2\n\nMS-Nxxxx-NxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxC: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxE: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxG: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxH: Update to 7x.9.0.19-r6\n\nMS-Nxxxx-xxT: Update to 7x.9.0.19-r6\n\nPMC8266-FPE: Update to PO_61.8.0.4-r1\n\nPMC8266-FGPE: Update to PO_61.8.0.4-r1\n\nPM3322-E: Update to PI_61.8.0.3-r5\n\nTS4466-X4RIPG1: Update to T_63.8.0.4-r4\u00a0\n\nTS5366-X12RIPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIVPG1: Update to T_63.8.0.4-r4\n\nTS8266-RFIVPG1: Update to T_63.8.0.4-r4\n\nTS4466-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS8266-X4RIWG1: Update to T_63.8.0.4-r4\n\nTS5510-GVH: Update to T_47.8.0.4-r8\n\nTS5510-GH: Update to T_47.8.0.4-r8\n\nTS5511-GVH: Update to T_47.8.0.4-r8\n\nTS2966-X12TPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RPE: Update to T_61.8.0.4-r4\n\nTS5366-X12PE: Update to T_61.8.0.4-r4\n\nTS8266-X4PE: Update to T_61.8.0.4-r4\n\nTS2966-X12TVPE: Update to T_61.8.0.4-r4\n\nTS4466-X4RVPE: Update to T_61.8.0.4-r4\n\nTS5366-X12VPE: Update to T_61.8.0.4-r4\n\nTS8266-X4VPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RPE: Update to T_61.8.0.4-r4\n\nTS4441-X36RE: Update to T_61.8.0.4-r4\n\nTS4466-X4RWE: Update to T_61.8.0.4-r4\n\nTS8266-X4WE: Update to T_61.8.0.4-r4\n\nMS-C2964-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2972-RFLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-RFLWPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TVPC: Update to T_45.8.0.3-r10\n\nTS2866-X4TGPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC: Update to T_45.8.0.3-r10\n\nTS2841-X36TPC/W: Update to T_45.8.0.3-r10\n\nTS2867-X5TPC: Update to T_45.8.0.3-r10\n\nTS2961-X12TPC: Update to T_45.8.0.3-r10\n\nTS8266-FPC/P: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLPC: Update to T_45.8.0.3-r10\n\nMS-C2966-X12RLVPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LPC: Update to T_45.8.0.3-r10\n\nMS-C5366-X12LVPC: Update to T_45.8.0.3-r10\n\nMS-C5361-X12LPC: Update to T_45.8.0.3-r10\n\nMS-Cxx66-xxxxGOPC: Update to 45.8.0.2-AIoT-r5\n\nSC211: Update to C_21.1.0.8-r5\n\nSP111: Update to 52.8.0.4-r6\n\nMS-Cxx66-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-RFIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx66-FIPKG1: Update to 63.8.0.5-r2-NX\n\nMS-Cxx72-FIPKG1: Update to 63.8.0.5-r2-NX"
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMilesight asks all users to report potential security vulnerabilities to security@milesight.com.\u003cbr\u003e\u003ca href=\"mailto:security@milesight.com\"\u003emailto:security@milesight.com\u003c/a\u003e\u003cbr\u003eLearn more: Milesight Vulnerability Reporting Policy\u003cbr\u003e\u003ca href=\"https://www.milesight.com/legal/vulnerability-report\" title=\"(opens in a new window)\"\u003ehttps://www.milesight.com/legal/vulnerability-report\u003c/a\u003e\u003c/p\u003e"
            }
          ],
          "value": "Milesight asks all users to report potential security vulnerabilities to security@milesight.com.\n mailto:security@milesight.com \nLearn more: Milesight Vulnerability Reporting Policy\n https://www.milesight.com/legal/vulnerability-report"
        }
      ],
      "source": {
        "advisory": "ICSA-26-113-03",
        "discovery": "EXTERNAL"
      },
      "title": "Milesight Cameras Authorization Bypass Through User-Controlled Key",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2026-28747",
    "datePublished": "2026-04-27T22:44:52.012Z",
    "dateReserved": "2026-03-12T17:51:09.913Z",
    "dateUpdated": "2026-04-28T14:35:33.191Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-4043 (GCVE-0-2025-4043)

Vulnerability from cvelistv5 – Published: 2025-05-07 20:25 – Updated: 2025-05-08 15:12
VLAI?
Title
Milesight UG65-868M-EA Improper Access Control for Volatile Memory Containing Boot Code
Summary
An admin user can gain unauthorized write access to the /etc/rc.local file on the device, which is executed on a system boot.
Severity ?
6.8 (Medium)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
6.1 (Medium)
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
CWE
Assigner
References
Impacted products
Vendor Product Version
Milesight UG65-868M-EA Affected: 0 , < 60.0.0.46 (custom)
Create a notification for this product.
Credits
Joe Lovett of Pen Test Partners reported this vulnerability to CISA.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4043",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T15:09:10.509148Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-1274",
                "description": "CWE-1274 Improper Access Control for Volatile Memory Containing Boot Code",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-08T15:12:07.048Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "UG65-868M-EA",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThan": "60.0.0.46",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Joe Lovett of Pen Test Partners reported this vulnerability to CISA."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An admin user can gain unauthorized write access to the /etc/rc.local file on the device, which is executed on a system boot."
            }
          ],
          "value": "An admin user can gain unauthorized write access to the /etc/rc.local file on the device, which is executed on a system boot."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1274",
              "description": "CWE-1274",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-07T20:25:06.468Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-126-02"
        },
        {
          "url": "https://www.milesight.com/iot/resources/download-center/#firmware-ug65"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Milesight released the latest firmware Version 60.0.0.46 for the UG65 gateway. Users can download the latest firmware from the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.milesight.com/iot/resources/download-center/#firmware-ug65\"\u003eMilesight download center.\u003c/a\u003e\u003cbr\u003ePlease \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.milesight.com/company/contactus\"\u003econtact Milesight technical support\u003c/a\u003e for more information about this issue and for instructions for installing the latest firmware.\n\n\u003cbr\u003e"
            }
          ],
          "value": "Milesight released the latest firmware Version 60.0.0.46 for the UG65 gateway. Users can download the latest firmware from the  Milesight download center. https://www.milesight.com/iot/resources/download-center/#firmware-ug65 \nPlease  contact Milesight technical support https://www.milesight.com/company/contactus  for more information about this issue and for instructions for installing the latest firmware."
        }
      ],
      "source": {
        "advisory": "ICSA-25-126-02",
        "discovery": "EXTERNAL"
      },
      "title": "Milesight UG65-868M-EA Improper Access Control for Volatile Memory Containing Boot Code",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2025-4043",
    "datePublished": "2025-05-07T20:25:06.468Z",
    "dateReserved": "2025-04-28T16:04:15.727Z",
    "dateUpdated": "2025-05-08T15:12:07.048Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-36392 (GCVE-0-2024-36392)

Vulnerability from cvelistv5 – Published: 2024-06-02 13:24 – Updated: 2024-08-02 03:37
VLAI?
Title
MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Severity ?
6.1 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE
  • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
Vendor Product Version
MileSight DeviceHub Affected: v3.0.1-r1 for Ubuntu 20.04 , < Upgrade to the latest version. (custom)
Create a notification for this product.
Date Public ?
2024-06-02 13:10
Credits
Claroty Research – Team 82
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36392",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-03T14:41:35.001164Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:47:37.499Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:37:05.325Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "DeviceHub",
          "vendor": "MileSight",
          "versions": [
            {
              "lessThan": "Upgrade to the latest version.",
              "status": "affected",
              "version": "v3.0.1-r1 for Ubuntu 20.04",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Claroty Research \u2013 Team 82"
        }
      ],
      "datePublic": "2024-06-02T13:10:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eMileSight DeviceHub -\u0026nbsp;CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\u003c/p\u003e\n\n"
            }
          ],
          "value": "MileSight DeviceHub -\u00a0CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-02T13:24:33.806Z",
        "orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
        "shortName": "INCD"
      },
      "references": [
        {
          "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
        }
      ],
      "source": {
        "advisory": "ILVN-2024-0161",
        "discovery": "UNKNOWN"
      },
      "title": "MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
    "assignerShortName": "INCD",
    "cveId": "CVE-2024-36392",
    "datePublished": "2024-06-02T13:24:33.806Z",
    "dateReserved": "2024-05-27T13:04:44.111Z",
    "dateUpdated": "2024-08-02T03:37:05.325Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-36391 (GCVE-0-2024-36391)

Vulnerability from cvelistv5 – Published: 2024-06-02 13:23 – Updated: 2024-08-02 03:37
VLAI?
Title
MileSight DeviceHub - CWE-320: Key Management Errors
Summary
MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic
Severity ?
9.1 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CWE
Assigner
References
Impacted products
Vendor Product Version
MileSight DeviceHub Affected: v3.0.1-r1 for Ubuntu 20.04 , < Upgrade to the latest version. (custom)
Create a notification for this product.
Date Public ?
2024-06-02 13:10
Credits
Claroty Research – Team 82
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "devicehub",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "3.0.1-r1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36391",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-03T18:40:16.845961Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:48:09.204Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:37:04.857Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "DeviceHub",
          "vendor": "MileSight",
          "versions": [
            {
              "lessThan": "Upgrade to the latest version.",
              "status": "affected",
              "version": "v3.0.1-r1 for Ubuntu 20.04",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Claroty Research \u2013 Team 82"
        }
      ],
      "datePublic": "2024-06-02T13:10:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eMileSight DeviceHub -\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic \u0026nbsp;\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
            }
          ],
          "value": "MileSight DeviceHub -\u00a0CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-320",
              "description": "CWE-320: Key Management Errors",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-02T13:23:28.345Z",
        "orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
        "shortName": "INCD"
      },
      "references": [
        {
          "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
        }
      ],
      "source": {
        "advisory": "ILVN-2024-0160",
        "discovery": "UNKNOWN"
      },
      "title": "MileSight DeviceHub - CWE-320: Key Management Errors",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
    "assignerShortName": "INCD",
    "cveId": "CVE-2024-36391",
    "datePublished": "2024-06-02T13:23:28.345Z",
    "dateReserved": "2024-05-27T13:04:44.111Z",
    "dateUpdated": "2024-08-02T03:37:04.857Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-36390 (GCVE-0-2024-36390)

Vulnerability from cvelistv5 – Published: 2024-06-02 13:22 – Updated: 2024-08-02 03:37
VLAI?
Title
MileSight DeviceHub - CWE-20 Improper Input Validation
Summary
MileSight DeviceHub - CWE-20 Improper Input Validation may allow Denial of Service
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
MileSight DeviceHub Affected: v3.0.1-r1 for Ubuntu 20.04 , < Upgrade to the latest version. (custom)
Create a notification for this product.
Date Public ?
2024-06-02 13:10
Credits
Claroty Research – Team 82
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "devicehub",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "3.0.1-r1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36390",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-03T15:45:42.768203Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:48:02.284Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:37:05.270Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "DeviceHub",
          "vendor": "MileSight",
          "versions": [
            {
              "lessThan": "Upgrade to the latest version.",
              "status": "affected",
              "version": "v3.0.1-r1 for Ubuntu 20.04",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Claroty Research \u2013 Team 82"
        }
      ],
      "datePublic": "2024-06-02T13:10:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eMileSight DeviceHub -\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-20 Improper Input Validation may allow Denial of Service\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
            }
          ],
          "value": "MileSight DeviceHub -\u00a0CWE-20 Improper Input Validation may allow Denial of Service"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-02T13:22:24.377Z",
        "orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
        "shortName": "INCD"
      },
      "references": [
        {
          "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
        }
      ],
      "source": {
        "advisory": "ILVN-2024-0159",
        "discovery": "UNKNOWN"
      },
      "title": "MileSight DeviceHub - CWE-20 Improper Input Validation",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
    "assignerShortName": "INCD",
    "cveId": "CVE-2024-36390",
    "datePublished": "2024-06-02T13:22:24.377Z",
    "dateReserved": "2024-05-27T13:04:44.110Z",
    "dateUpdated": "2024-08-02T03:37:05.270Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-36389 (GCVE-0-2024-36389)

Vulnerability from cvelistv5 – Published: 2024-06-02 13:21 – Updated: 2024-08-02 03:37
VLAI?
Title
MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values
Summary
MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass
Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
References
Impacted products
Vendor Product Version
MileSight DeviceHub Affected: v3.0.1-r1 for Ubuntu 20.04 , < Upgrade to the latest version. (custom)
Create a notification for this product.
Date Public ?
2024-06-02 13:10
Credits
Claroty Research – Team 82
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "devicehub",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "3.0.1-r1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36389",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-03T15:47:51.777014Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-23T16:24:23.066Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:37:04.960Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "DeviceHub",
          "vendor": "MileSight",
          "versions": [
            {
              "lessThan": "Upgrade to the latest version.",
              "status": "affected",
              "version": "v3.0.1-r1 for Ubuntu 20.04",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Claroty Research \u2013 Team 82"
        }
      ],
      "datePublic": "2024-06-02T13:10:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eMileSight DeviceHub - \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-330 Use of Insufficiently Random Values may allow Authentication Bypass\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
            }
          ],
          "value": "MileSight DeviceHub - \n\n\n\n\n\nCWE-330 Use of Insufficiently Random Values may allow Authentication Bypass"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330 Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-02T13:21:11.748Z",
        "orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
        "shortName": "INCD"
      },
      "references": [
        {
          "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
        }
      ],
      "source": {
        "advisory": "ILVN-2024-0158",
        "discovery": "UNKNOWN"
      },
      "title": "MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
    "assignerShortName": "INCD",
    "cveId": "CVE-2024-36389",
    "datePublished": "2024-06-02T13:21:11.748Z",
    "dateReserved": "2024-05-27T13:04:44.110Z",
    "dateUpdated": "2024-08-02T03:37:04.960Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-36388 (GCVE-0-2024-36388)

Vulnerability from cvelistv5 – Published: 2024-06-02 13:14 – Updated: 2024-08-02 03:37
VLAI?
Title
MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function
Summary
MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function
Severity ?
10 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
  • CWE-305 - Missing Authentication for Critical Function
Assigner
References
Impacted products
Vendor Product Version
MileSight DeviceHub Affected: v3.0.1-r1 for Ubuntu 20.04 , < Upgrade to the latest version. (custom)
Create a notification for this product.
Date Public ?
2024-06-02 13:10
Credits
Claroty Research – Team 82
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "devicehub",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "3.0.1-r1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36388",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-03T13:49:40.486622Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:47:34.136Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:37:04.924Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "DeviceHub",
          "vendor": "MileSight",
          "versions": [
            {
              "lessThan": "Upgrade to the latest version.",
              "status": "affected",
              "version": "v3.0.1-r1 for Ubuntu 20.04",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Claroty Research \u2013 Team 82"
        }
      ],
      "datePublic": "2024-06-02T13:10:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eMileSight DeviceHub - \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-305 Missing Authentication for Critical Function\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
            }
          ],
          "value": "MileSight DeviceHub - \n\n\n\nCWE-305 Missing Authentication for Critical Function"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-305",
              "description": "CWE-305 Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-02T13:19:41.864Z",
        "orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
        "shortName": "INCD"
      },
      "references": [
        {
          "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
        }
      ],
      "source": {
        "advisory": "ILVN-2024-0157",
        "discovery": "UNKNOWN"
      },
      "title": "MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
    "assignerShortName": "INCD",
    "cveId": "CVE-2024-36388",
    "datePublished": "2024-06-02T13:14:46.927Z",
    "dateReserved": "2024-05-27T13:04:44.110Z",
    "dateUpdated": "2024-08-02T03:37:04.924Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-27776 (GCVE-0-2024-27776)

Vulnerability from cvelistv5 – Published: 2024-06-02 13:13 – Updated: 2024-08-02 00:41
VLAI?
Title
MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') may allow Unauthenticated RCE
Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
Vendor Product Version
MileSight DeviceHub Affected: v3.0.1-r1 for Ubuntu 20.04 , < Upgrade to the latest version. (custom)
Create a notification for this product.
Date Public ?
2024-06-02 13:10
Credits
Claroty Research – Team 82
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:milesight:devicehub:3.0.1-r1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "devicehub",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "3.0.1-r1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27776",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-03T15:50:39.664911Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:46:42.944Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:41:54.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "DeviceHub",
          "vendor": "MileSight",
          "versions": [
            {
              "lessThan": "Upgrade to the latest version.",
              "status": "affected",
              "version": "v3.0.1-r1 for Ubuntu 20.04",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Claroty Research \u2013 Team 82"
        }
      ],
      "datePublic": "2024-06-02T13:10:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eMileSight DeviceHub - \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) may allow Unauthenticated RCE\u003c/span\u003e\n\n\u003c/p\u003e\u003cbr\u003e\n\n"
            }
          ],
          "value": "MileSight DeviceHub - \n\nCWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) may allow Unauthenticated RCE"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-02T13:13:03.786Z",
        "orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
        "shortName": "INCD"
      },
      "references": [
        {
          "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
        }
      ],
      "source": {
        "advisory": "ILVN-2024-0156",
        "discovery": "UNKNOWN"
      },
      "title": "MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
    "assignerShortName": "INCD",
    "cveId": "CVE-2024-27776",
    "datePublished": "2024-06-02T13:13:03.786Z",
    "dateReserved": "2024-02-26T09:27:55.324Z",
    "dateUpdated": "2024-08-02T00:41:54.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-47166 (GCVE-0-2023-47166)

Vulnerability from cvelistv5 – Published: 2024-05-01 15:31 – Updated: 2025-11-04 17:12
VLAI?
Summary
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network request to trigger this vulnerability.
Severity ?
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Milesight UR32L Affected: v32.3.0.7-r2
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ur32l",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "32.3.0.7-r2"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-47166",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-01T17:08:07.079892Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:26:33.388Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T17:12:52.905Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1852",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1852"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1852"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UR32L",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v32.3.0.7-r2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network request to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285: Improper Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-01T17:00:16.373Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1852",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1852"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-47166",
    "datePublished": "2024-05-01T15:31:02.072Z",
    "dateReserved": "2023-11-07T19:16:06.149Z",
    "dateUpdated": "2025-11-04T17:12:52.905Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-23547 (GCVE-0-2023-23547)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2024-10-24 14:35
VLAI?
Summary
A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability.
Severity ?
6.5 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
Vendor Product Version
Milesight UR32L Affected: v32.3.0.5
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:35:33.138Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1695"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1695",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1695"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-23547",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-24T14:25:46.589480Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T14:35:43.057Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UR32L",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v32.3.0.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:05.393Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1695",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1695"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-23547",
    "datePublished": "2023-07-06T14:53:35.141Z",
    "dateReserved": "2023-01-20T13:54:52.294Z",
    "dateUpdated": "2024-10-24T14:35:43.057Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-23550 (GCVE-0-2023-23550)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2024-08-02 10:35
VLAI?
Summary
An OS command injection vulnerability exists in the ys_thirdparty user_delete functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability.
Severity ?
7.2 (High)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
Vendor Product Version
Milesight UR32L Affected: v32.3.0.5
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:35:32.712Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1694"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1694",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1694"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ur32l_firmware",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "32.3.0.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-23550",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-31T20:34:39.502209Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-31T20:41:12.776Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UR32L",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v32.3.0.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection vulnerability exists in the ys_thirdparty user_delete functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:09.199Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1694",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1694"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-23550",
    "datePublished": "2023-07-06T14:53:35.622Z",
    "dateReserved": "2023-01-19T14:56:01.395Z",
    "dateUpdated": "2024-08-02T10:35:32.712Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-23902 (GCVE-0-2023-23902)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2024-11-14 14:20
VLAI?
Summary
A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An attacker can send a network request to trigger this vulnerability.
Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
Vendor Product Version
Milesight UR32L Affected: v32.3.0.5
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:42:27.100Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1697"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1697",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1697"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ur32l",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "v32.3.0.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-23902",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T14:19:43.240001Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T14:20:29.418Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UR32L",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v32.3.0.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An attacker can send a network request to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:05.102Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1697",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1697"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-23902",
    "datePublished": "2023-07-06T14:53:34.384Z",
    "dateReserved": "2023-01-20T14:42:47.904Z",
    "dateUpdated": "2024-11-14T14:20:29.418Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-23571 (GCVE-0-2023-23571)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2024-08-02 10:35
VLAI?
Summary
An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to denial of service. An attacker can send a network request to trigger this vulnerability.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Milesight UR32L Affected: v32.3.0.5
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:35:33.260Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1696"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1696",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1696"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ur32l_firmware",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "32.3.0.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-23571",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-01T15:01:14.198741Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-01T15:06:22.661Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UR32L",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v32.3.0.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to denial of service. An attacker can send a network request to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126: Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-17T13:10:33.978Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1696",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1696"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-23571",
    "datePublished": "2023-07-06T14:53:34.762Z",
    "dateReserved": "2023-01-20T14:17:02.346Z",
    "dateUpdated": "2024-08-02T10:35:33.260Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22306 (GCVE-0-2023-22306)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2024-11-14 14:26
VLAI?
Summary
An OS command injection vulnerability exists in the libzebra.so bridge_group functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability.
Severity ?
7.2 (High)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
Vendor Product Version
Milesight UR32L Affected: v32.3.0.5
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:06.150Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1698"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1698",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1698"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ur32l",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "v32.3.0.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22306",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T14:25:57.222605Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T14:26:34.373Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UR32L",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v32.3.0.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection vulnerability exists in the libzebra.so bridge_group functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:08.910Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1698",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1698"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-22306",
    "datePublished": "2023-07-06T14:53:34.023Z",
    "dateReserved": "2023-01-20T16:00:40.136Z",
    "dateUpdated": "2024-11-14T14:26:34.373Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22659 (GCVE-0-2023-22659)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2024-11-14 14:39
VLAI?
Summary
An os command injection vulnerability exists in the libzebra.so change_hostname functionality of Milesight UR32L v32.3.0.5. A specially-crafted network packets can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability.
Severity ?
7.2 (High)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
Vendor Product Version
Milesight UR32L Affected: v32.3.0.5
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:13:49.970Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1699"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1699",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1699"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ur32l",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "v32.3.0.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22659",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T14:38:45.867646Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T14:39:44.254Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UR32L",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v32.3.0.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An os command injection vulnerability exists in the libzebra.so change_hostname functionality of Milesight UR32L v32.3.0.5. A specially-crafted network packets can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:08.615Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1699",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1699"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-22659",
    "datePublished": "2023-07-06T14:53:33.646Z",
    "dateReserved": "2023-01-20T16:01:16.234Z",
    "dateUpdated": "2024-11-14T14:39:44.254Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22844 (GCVE-0-2023-22844)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2025-03-05 18:54
VLAI?
Summary
An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a network request to trigger this vulnerability.
Severity ?
7.3 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
Impacted products
Vendor Product Version
Milesight MilesightVPN Affected: v2.0.2
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:20:30.773Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1700"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1700",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1700"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22844",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-05T18:43:05.920249Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-05T18:54:30.930Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MilesightVPN",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v2.0.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a network request to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321: Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:07.380Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1700",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1700"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-22844",
    "datePublished": "2023-07-06T14:53:33.273Z",
    "dateReserved": "2023-01-20T17:32:00.545Z",
    "dateUpdated": "2025-03-05T18:54:30.930Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22319 (GCVE-0-2023-22319)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2024-11-14 14:40
VLAI?
Summary
A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a malicious packet to trigger this vulnerability.
Severity ?
7.3 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE
  • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
Vendor Product Version
Milesight MilesightVPN Affected: v2.0.2
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:05.938Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1701"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1701",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1701"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22319",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T14:40:17.782795Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T14:40:36.065Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MilesightVPN",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v2.0.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a malicious packet to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:07.073Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1701",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1701"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-22319",
    "datePublished": "2023-07-06T14:53:32.886Z",
    "dateReserved": "2023-01-20T17:45:39.242Z",
    "dateUpdated": "2024-11-14T14:40:36.065Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-23907 (GCVE-0-2023-23907)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2024-08-02 10:42
VLAI?
Summary
A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
Vendor Product Version
Milesight MilesightVPN Affected: v2.0.2
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:42:27.095Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1702"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1702",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1702"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:milesight:milesightvpn:2.0.2:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "milesightvpn",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "2.0.2"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-23907",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-01T15:19:32.655609Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-01T15:25:27.985Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MilesightVPN",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v2.0.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:06.747Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1702",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1702"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-23907",
    "datePublished": "2023-07-06T14:53:32.531Z",
    "dateReserved": "2023-01-20T17:46:16.436Z",
    "dateUpdated": "2024-08-02T10:42:27.095Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22371 (GCVE-0-2023-22371)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2024-08-02 10:07
VLAI?
Summary
An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to command execution. An attacker can send a malicious packet to trigger this vulnerability.
Severity ?
8.1 (High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
Vendor Product Version
Milesight MilesightVPN Affected: v2.0.2
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:06.784Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1703"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1703",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1703"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:milesight:milesightvpn:2.0.2:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "milesightvpn",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "2.0.2"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22371",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-01T15:00:17.956114Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-01T15:00:56.035Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MilesightVPN",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v2.0.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An os command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to command execution. An attacker can send a malicious packet to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:07.646Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1703",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1703"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-22371",
    "datePublished": "2023-07-06T14:53:31.757Z",
    "dateReserved": "2023-01-23T20:46:33.712Z",
    "dateUpdated": "2024-08-02T10:07:06.784Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-24496 (GCVE-0-2023-24496)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2025-11-04 19:14
VLAI?
Summary
Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploited through the name field of the database.
Severity ?
4.7 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE
  • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
Impacted products
Vendor Product Version
Milesight MilesightVPN Affected: v2.0.2
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:14:41.808Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1704",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1704"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1704"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-24496",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-28T15:23:42.493290Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-28T15:24:25.399Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MilesightVPN",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v2.0.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploited through the name field of the database."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-17T18:49:06.317Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1704",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1704"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-24496",
    "datePublished": "2023-07-06T14:53:31.258Z",
    "dateReserved": "2023-01-24T19:20:44.636Z",
    "dateUpdated": "2025-11-04T19:14:41.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-24497 (GCVE-0-2023-24497)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2025-11-04 19:14
VLAI?
Summary
Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploited through the remote_subnet field of the database
Severity ?
4.7 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE
  • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
Impacted products
Vendor Product Version
Milesight MilesightVPN Affected: v2.0.2
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:14:42.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1704",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1704"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1704"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-24497",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-28T15:23:46.783249Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-28T15:23:54.923Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MilesightVPN",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v2.0.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploited through the remote_subnet field of the database"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-17T18:49:06.435Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1704",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1704"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-24497",
    "datePublished": "2023-07-06T14:53:31.342Z",
    "dateReserved": "2023-01-24T19:20:44.638Z",
    "dateUpdated": "2025-11-04T19:14:42.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-24519 (GCVE-0-2023-24519)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2025-11-04 19:14
VLAI?
Summary
Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the ping tool utility.
Severity ?
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
Vendor Product Version
Milesight UR32L Affected: v32.3.0.5
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:14:43.973Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1706",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1706"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1706"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ur32l",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "v32.3.0.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-24519",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T14:44:31.942864Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T14:45:10.681Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UR32L",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v32.3.0.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the ping tool utility."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:09.566Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1706",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1706"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-24519",
    "datePublished": "2023-07-06T14:53:30.365Z",
    "dateReserved": "2023-01-25T15:05:01.029Z",
    "dateUpdated": "2025-11-04T19:14:43.973Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-24520 (GCVE-0-2023-24520)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2025-11-04 19:14
VLAI?
Summary
Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the trace tool utility.
Severity ?
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
Vendor Product Version
Milesight UR32L Affected: v32.3.0.5
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:14:45.135Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1706",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1706"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1706"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ur32l",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "v32.3.0.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-24520",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T14:41:05.642988Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T14:41:34.788Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UR32L",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v32.3.0.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the trace tool utility."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:09.776Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1706",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1706"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-24520",
    "datePublished": "2023-07-06T14:53:30.444Z",
    "dateReserved": "2023-01-25T15:05:01.030Z",
    "dateUpdated": "2025-11-04T19:14:45.135Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-23546 (GCVE-0-2023-23546)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2024-08-02 10:35
VLAI?
Summary
A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
Severity ?
4.2 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
CWE
  • CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
Vendor Product Version
Milesight UR32L Affected: v32.3.0.5
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:35:33.191Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1705"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1705",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1705"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-23546",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-01T15:25:42.829285Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-01T15:25:58.861Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UR32L",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v32.3.0.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295: Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:06.457Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1705",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1705"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-23546",
    "datePublished": "2023-07-06T14:53:30.850Z",
    "dateReserved": "2023-01-25T14:53:13.690Z",
    "dateUpdated": "2024-08-02T10:35:33.191Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-24583 (GCVE-0-2023-24583)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2025-11-04 19:14
VLAI?
Summary
Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This OS command injection is triggered through a UDP packet.
Severity ?
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
Vendor Product Version
Milesight UR32L Affected: v32.3.0.5
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:14:47.356Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1710",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1710"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1710"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ur32l",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "v32.3.0.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-24583",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T14:45:40.294184Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T14:46:10.221Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UR32L",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v32.3.0.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This OS command injection is triggered through a UDP packet."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:05.823Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1710",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1710"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-24583",
    "datePublished": "2023-07-06T14:53:29.946Z",
    "dateReserved": "2023-01-27T17:45:31.172Z",
    "dateUpdated": "2025-11-04T19:14:47.356Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-22299 (GCVE-0-2023-22299)

Vulnerability from cvelistv5 – Published: 2023-07-06 14:53 – Updated: 2024-08-02 10:07
VLAI?
Summary
An OS command injection vulnerability exists in the vtysh_ubus _get_fw_logs functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.
Severity ?
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
Vendor Product Version
Milesight UR32L Affected: v32.3.0.5
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:05.850Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1712"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1712",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1712"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ur32l_firmware",
            "vendor": "milesight",
            "versions": [
              {
                "status": "affected",
                "version": "32.3.0.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22299",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-01T14:53:21.365321Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-01T14:54:28.985Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UR32L",
          "vendor": "Milesight",
          "versions": [
            {
              "status": "affected",
              "version": "v32.3.0.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection vulnerability exists in the vtysh_ubus _get_fw_logs functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-06T17:00:10.061Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1712",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1712"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-22299",
    "datePublished": "2023-07-06T14:53:29.031Z",
    "dateReserved": "2023-01-27T17:52:55.100Z",
    "dateUpdated": "2024-08-02T10:07:05.850Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}