Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:milesight:ms-n5008-e_firmware:-:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-30467 |
This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to improper authorization at the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http requests on the targeted device. Successful exploitation of this vulnerability could allow remote attacker to perform unauthorized activities on the targeted device. Published: April 28, 2023; 7:15:09 AM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-30466 |
This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to a weak password reset mechanism at the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http requests on the targeted device. Successful exploitation of this vulnerability could allow remote attacker to account takeover on the targeted device. Published: April 28, 2023; 7:15:08 AM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |