CVE-2023-43261

HIGH EXPLOITED NUCLEI

Milesight <v35.3.0.7 - Info Disclosure

Title source: llm

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.

nomisec WORKING POC 57 stars

by win3zz · infoleak

Milesight Routers - Information Disclosure

HIGHVERIFIEDby gy741

Shodan: http.html:rt_title

CVSS v3 7.5

EPSS 0.9314

EPSS Percentile 99.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

VulnCheck KEV 2023-10-13

CWE

CWE-532

Status published

Products (5)

milesight/ur32_firmware < 35.3.0.7

milesight/ur32l_firmware < 35.3.0.7

milesight/ur35_firmware < 35.3.0.7

milesight/ur41_firmware < 35.3.0.7

milesight/ur5x_firmware < 35.3.0.7

Published Oct 04, 2023

Tracked Since Feb 18, 2026