Security Advisory

CVE-2023-22319

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-06 14:53:32
Last updated 2024-11-14 14:40:36
Assigner talos
State PUBLISHED

Description

A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a malicious packet to trigger this vulnerability.