PT-2026-35568 · Milesight · Ms-C2964-Rflpc+77
Souvik Kandar
·
Published
2026-04-27
·
Updated
2026-04-28
·
CVE-2026-20766
CVSS v3.1
8.8
High
| AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.
Fix
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ms-C2964-Rflpc
Ms-C2966-Rflwpc
Ms-C2966-X12Rlpc
Ms-C2966-X12Rlvpc
Ms-C2972-Rflpc
Ms-C5321-Fpe
Ms-C5361-X12Lpc
Ms-C5366-X12Lpc
Ms-C5366-X12Lvpc
Ms-C8477-Hpg1
Ms-C8477-Pc
Ms-Cqxx31-Xxxg1
Ms-Cqxx68-Xxxg1
Ms-Cqxx72-Xxxg1
Ms-Cxx41-Xxxpe
Ms-Cxx52-Xxxpe
Ms-Cxx61-Xxxpe
Ms-Cxx62-Xxxg1
Ms-Cxx62-Xxxpe
Ms-Cxx63-Pd
Ms-Cxx64-Xpd
Ms-Cxx65-Pe
Ms-Cxx66-Fipkg1
Ms-Cxx66-Rfipkg1
Ms-Cxx66-Xxxg1
Ms-Cxx66-Xxxgpe
Ms-Cxx66-Xxxpe
Ms-Cxx66-Xxxxgopc
Ms-Cxx67-Xxxpe
Ms-Cxx71-Xxxpe
Ms-Cxx72-Fipkg1
Ms-Cxx72-Rfipkg1
Ms-Cxx72-Xxxg1
Ms-Cxx72-Xxxpe
Ms-Cxx73-Xpd
Ms-Cxx74-Pa
Ms-Cxx75-Xxpd
Ms-Cxx76-Pe
Ms-Cxx83-Xpd
Ms-Nxxxx-Nxe
Ms-Nxxxx-Xxc
Ms-Nxxxx-Xxe
Ms-Nxxxx-Xxg
Ms-Nxxxx-Xxh
Ms-Nxxxx-Xxt
Pm3322-E
Pmc8266-Fgpe
Pmc8266-Fpe
Sc211
Sp111
Ts2841-X36Tpc
Ts2841-X36Tpc/W
Ts2866-X4Tgpc
Ts2866-X4Tpc
Ts2866-X4Tvpc
Ts2867-X5Tpc
Ts2961-X12Tpc
Ts2966-X12Tpe
Ts4441-X36Re
Ts4441-X36Rpe
Ts4466-Rfivpg1
Ts4466-X4Ripg1
Ts4466-X4Rivpg1
Ts4466-X4Riwg1
Ts4466-X4Rpe
Ts5366-X12Pe
Ts5366-X12Ripg1
Ts5510-Gh
Ts5510-Gvh
Ts5511-Gvh
Ts8266-Fpc/P
Ts8266-Rfivpg1
Ts8266-X4Pe
Ts8266-X4Ripg1
Ts8266-X4Rivpg1
Ts8266-X4Riwg1
Ts8266-X4Vpe
Ts8266-X4We