milesight cameras

About this tag
Milesight cameras have been flagged in a CISA advisory covering multiple CVEs that expose AIoT, LPR, and network camera models to serious security risks. The vulnerabilities include authorization bypass, hard-coded credentials, hard-coded cryptographic keys, OS command injection, and a heap-based buffer overflow. Successful exploitation could crash the device or allow remote code execution. The advisory highlights that many affected cameras still run firmware branches susceptible to these attacks, making patching a priority for users. This tag covers discussions about the security flaws in Milesight cameras, the associated CVEs, and the implications for device owners.
  1. CISA Warns Milesight Cameras: Multiple CVEs Lead to RCE, Injection, and Device Crashes

    Milesight Cameras are back in the security spotlight with a sprawling CISA advisory that ties five CVE families to a wide range of AIoT, LPR, and network camera product lines, many of them still running firmware branches that can be exploited for device crashes or full remote code execution...