CVSS 3.1 Score 8.8 of 10 (high)


Published Jul 6, 2023
Updated: Oct 30, 2023
CWE ID 787
CWE ID 121


CVE-2023-24018 is a stack-based buffer overflow vulnerability that affects the security_decrypt_password functionality of Milesight UR32L v32.3.0.5. This vulnerability can be exploited by an authenticated attacker through a specially crafted HTTP request, leading to a buffer overflow. The vulnerability has a base severity rating of HIGH with a base score of 8.8 according to the CVSS:3.1 scoring system, indicating a significant threat to organizations. The potential impacts include high confidentiality and integrity impacts, as well as low privileges required and no user interaction needed for exploitation. It is recommended to apply appropriate patches or updates provided by the vendor to remediate this vulnerability and mitigate the potential danger it poses.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-24018 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options