Lucene search

[email protected]NVD:CVE-2023-43260

HistoryOct 05, 2023 - 7:15 p.m.

CVE-2023-43260

2023-10-0519:15:11

CWE-79

[email protected]

web.nvd.nist.gov

milesight

ur5x

ur32l

ur32

ur35

ur41

xss

vulnerability

admin panel

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

21.7%

JSON

Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel.

Affected configurations

Nvd

Node

milesightur51_firmwareRange<35.3.0.7

AND

milesightur51Match-

Node

milesightur52_firmwareRange<35.3.0.7

AND

milesightur52Match-

Node

milesightur55_firmwareRange<35.3.0.7

AND

milesightur55Match-

Node

milesightur32l_firmwareRange<35.3.0.7

AND

milesightur32lMatch-

Node

milesightur32_firmwareRange<35.3.0.7

AND

milesightur32Match-

Node

milesightur35_firmwareRange<35.3.0.7

AND

milesightur35Match-

Node

milesightur41_firmwareRange<35.3.0.7

AND

milesightur41Match-

VendorProductVersionCPE
milesightur51_firmware*cpe:2.3:o:milesight:ur51_firmware:*:*:*:*:*:*:*:*
milesightur51-cpe:2.3:h:milesight:ur51:-:*:*:*:*:*:*:*
milesightur52_firmware*cpe:2.3:o:milesight:ur52_firmware:*:*:*:*:*:*:*:*
milesightur52-cpe:2.3:h:milesight:ur52:-:*:*:*:*:*:*:*
milesightur55_firmware*cpe:2.3:o:milesight:ur55_firmware:*:*:*:*:*:*:*:*
milesightur55-cpe:2.3:h:milesight:ur55:-:*:*:*:*:*:*:*
milesightur32l_firmware*cpe:2.3:o:milesight:ur32l_firmware:*:*:*:*:*:*:*:*
milesightur32l-cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*
milesightur32_firmware*cpe:2.3:o:milesight:ur32_firmware:*:*:*:*:*:*:*:*
milesightur32-cpe:2.3:h:milesight:ur32:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
milesight	ur51_firmware	*	cpe:2.3:o:milesight:ur51_firmware::::::::
milesight	ur51	-	cpe:2.3:h:milesight:ur51:-:::::::*
milesight	ur52_firmware	*	cpe:2.3:o:milesight:ur52_firmware::::::::
milesight	ur52	-	cpe:2.3:h:milesight:ur52:-:::::::*
milesight	ur55_firmware	*	cpe:2.3:o:milesight:ur55_firmware::::::::
milesight	ur55	-	cpe:2.3:h:milesight:ur55:-:::::::*
milesight	ur32l_firmware	*	cpe:2.3:o:milesight:ur32l_firmware::::::::
milesight	ur32l	-	cpe:2.3:h:milesight:ur32l:-:::::::*
milesight	ur32_firmware	*	cpe:2.3:o:milesight:ur32_firmware::::::::
milesight	ur32	-	cpe:2.3:h:milesight:ur32:-:::::::*

Rows per page:

1-10 of 141

References

gist.github.com/win3zz/c7eda501edcf5383df32fabe00938d13

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

21.7%

JSON

Related for NVD:CVE-2023-43260

cvelist1 prion1 vulnrichment1 cve1