Headline

CVE-2023-43261

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.

2 years ago

CVE

Open in Source

Unknown threat actors are abusing Milesight industrial cellular routers to send SMS messages as part of a smishing campaign targeting users in European countries since at least February 2022. French cybersecurity company SEKOIA said the attackers are exploiting the cellular router's API to send malicious SMS messages containing phishing URLs, with the campaigns primarily targeting Sweden, Italy,

12 days ago

The Hacker News

Open in Source

#vulnerability #google #java #backdoor #auth #The Hacker News

Milesight UR5X / UR32L / UR32 / UR35 / UR41 Credential Leakage

Milesight IoT router versions UR5X, UR32L, UR32, UR35, and UR41 suffer from a credential leaking vulnerability due to unprotected system logs and weak password encryption.

1 year ago

Packet Storm

Open in Source

#vulnerability #ubuntu #auth

Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers

A severity flaw impacting industrial cellular routers from Milesight may have been actively exploited in real-world attacks, new findings from VulnCheck reveal. Tracked as CVE-2023-43261 (CVSS score: 7.5), the vulnerability has been described as a case of information disclosure that affects UR5X, UR32L, UR32, UR35, and UR41 routers before version 35.3.0.7 that could enable attackers to access

2 years ago

The Hacker News

Open in Source

#vulnerability #web #mac #rce #auth #The Hacker News