Featured

By Product

By Application

Software & Platforms

People Sensing Driven Smart Buildings

Transforming buildings with people-centric sensing, optimizing space, energy, and facility management

Learn More

People Sensing

Precise occupancy, behavioral insights, and resource optimization for smarter, efficient environments

Learn More

Top IoT Innovator in Frost Radar™ 2025

Frost & Sullivan's latest report ranks Milesight as the #1 IoT Innovator in smart building sensors.

Milesight Development Platform

From device deployment and management to custom integration and application development, Milesight helps you get your project off the ground.

Request a Demo

Milesight IoT Cloud

DeviceHub

MilesightVPN

Beaver IoT

Featured

Video Surveillance

Intelligent Traffic

Solar-Powered Series

View All

TrueColor Camera Series

Enjoy unparalleled 24/7 security with vivid, true-to-life images and proactive deterrence

Learn More

RadarV Technology

Next-level radar-video fusion technology tailored for speed enforcement

Learn More

Mobile Surveillance Units

Off-grid solutions for construction sites, parking lots, temporary events and remote roads

Learn More

Explore NDAA-Compliant Products for Trusted Performance

IoT Solutions

CCTV Solutions

Smart Building

Facility Management Energy Management Space Management

People Counting Space Occupancy Indoor Air Quality HVAC Management Water Management Smart Office Smart Restroom

Smart City

Waste Management Smart Water Power Distribution Networking Smart Industrial Energy Temperature & Humidity Monitoring

Smart Agriculture

IoT Success Stories

Milesight helps customers in buildings, retail, healthcare, education, and more achieve their goals smarter and faster.

View case studies

Solution by Industry & Scenario

Retail Video Surveillance Traffic Surveillance Mobile Surveillance Units Construction Site Retail Parking Lot Security

View All

Solution by Application

Intelligent Traffic

Traffic Enforcement Speed Enforcement Smart Parking Entrance & Exit Management

Video Surveillance

Panoramic Surveillance PTZ Surveillance Smart Crowd Management Smart Remote Management

CCTV Success Stories

Milesight enables retail, traffic, residential, education, and other industries to strengthen security and reach goals more efficiently and intelligently.

View case studies

Milesight Security Notice - Vulnerabilities in Milesight Cameras

Date: 2025-11-28

At Milesight, we take product security seriously. As part of our ongoing commitment to safeguarding users and systems, we continuously monitor for potential vulnerabilities and act swiftly to mitigate risks.

Recent internal security reviews, supplemented by external reports, have identified several vulnerabilities in specific firmware versions of Milesight Cameras.

Risk Overview

Issue	Impact	CVSS Score
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras.	An attacker could exploit this vulnerability to decrypt the administrator password and compromise the account.	Base score: 7.3 (CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)
Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.	An attacker could exploit this vulnerability to gain root privileges and execute code remotely.	Base score: 8.7 (CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)
Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.	An attacker could exploit this vulnerability to decrypt TLS traffic.	Base score: 9.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)
A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras.	An attacker could exploit this vulnerability by sending crafted messages containing malicious commands to perform command injection attacks.	Base score: 8.4 (CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)
An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.	An attacker could exploit this vulnerability to cause a denial-of-service condition.	Base score: 8.6 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)

Affected Products and Fixed Versions

Product Model	Affected Firmware Version(s)	Fixed Firmware Version	Download Link
MS-Cxx63-PD MS-Cxx64-xPD MS-Cxx73-xPD MS-Cxx75-xxPD MS-Cxx83-xPD	51.7.0.77-r12 and prior versions	51.7.0.77-r13	Download
MS-Cxx74-PA	3x.8.0.3-r11 and prior versions	3x.8.0.3-r13	Download
MS-C8477-HPG1	63.8.0.4-r3 and prior versions	63.8.0.4-r4	Download
MS-C8477-PC	48.8.0.4-r3 and prior versions	48.8.0.4-r4	Download
MS-C5321-FPE	62.8.0.4-r5 and prior versions	62.8.0.4-r6	Download
MS-Cxx72-xxxPE MS-Cxx62-xxxPE MS-Cxx52-xxxPE MS-Cxx66-xxxPE MS-Cxx66-xxxGPE MS-Cxx61-xxxPE MS-Cxx67-xxxPE MS-Cxx71-xxxPE MS-Cxx41-xxxPE MS-Cxx76-PE MS-Cxx65-PE	61.8.0.5-r2 and prior versions	61.8.0.5-r2	Download
MS-Cxx66-xxxG1 MS-Cxx62-xxxG1 MS-Cxx72-xxxG1	63.8.0.5-r3 and prior versions	63.8.0.5-r4	Download
MS-CQxx31-xxxG1 MS-CQxx68-xxxG1 MS-CQxx72-xxxG1	CQ_63.8.0.5-r1 and prior versions	CQ_63.8.0.5-r2	Download
MS-Nxxxx-NxE MS-Nxxxx-xxC MS-Nxxxx-xxE MS-Nxxxx-xxG MS-Nxxxx-xxH MS-Nxxxx-xxT	7x.9.0.19-r5 and prior versions	7x.9.0.19-r6	Download
PMC8266-FPE PMC8266-FGPE	PO_61.8.0.4_LPR and prior versions	PO_61.8.0.4-r1	Download
PM3322-E	PI_61.8.0.3_LPR-r3 and prior versions	PI_61.8.0.3-r5	Download
TS4466-X4RIPG1 TS5366-X12RIPG1 TS8266-X4RIPG1 TS4466-X4RIVPG1 TS4466-RFIVPG1 TS8266-X4RIVPG1 TS8266-RFIVPG1 TS4466-X4RIWG1 TS8266-X4RIWG1	T_63.8.0.4_LPR-r3 and prior versions	T_63.8.0.4-r4	Download
TS5510-GVH	T_47.8.0.4_LPR-r7 and prior versions	T_47.8.0.4-r8	Download
TS5510-GH TS5511-GVH	T_47.8.0.4_LPR-r6 and prior versions	T_47.8.0.4-r8	Download
TS2966-X12TPE TS4466-X4RPE TS5366-X12PE TS8266-X4PE TS2966-X12TVPE TS4466-X4RVPE TS5366-X12VPE TS8266-X4VPE TS4441-X36RPE TS4441-X36RE TS4466-X4RWE TS8266-X4WE	T_61.8.0.4_LPR-r3 and prior versions	T_61.8.0.4-r4	Download
MS-C2964-RFLPC MS-C2972-RFLPC MS-C2966-RFLWPC TS2866-X4TPC TS2866-X4TVPC TS2866-X4TGPC TS2841-X36TPC TS2841-X36TPC/W TS2867-X5TPC TS2961-X12TPC TS8266-FPC/P MS-C2966-X12RLPC MS-C2966-X12RLVPC MS-C5366-X12LPC MS-C5366-X12LVPC MS-C5361-X12LPC	T_45.8.0.3-r9 and prior versions	T_45.8.0.3-r10	Download
MS-Cxx66-xxxxGOPC	45.8.0.2-AIoT-r4 and prior versions	45.8.0.2-AIoT-r5	Download
SC211	C_21.1.0.8-r4 and prior versions	C_21.1.0.8-r5	Download
SP111	52.8.0.4-r5 and prior versions	52.8.0.4-r6	Download
MS-Cxx66-RFIPKG1 MS-Cxx72-RFIPKG1 MS-Cxx66-FIPKG1 MS-Cxx72-FIPKG1	63.8.0.4-r1-NX and prior versions	63.8.0.5-r2-NX	Download

Remediation

We advise all users to update the device to the latest firmware provided in the table above to eliminate these vulnerabilities.

Vulnerability Credit

We thank the Singapore Cyber Emergency Response Team (SingCERT) for reporting these vulnerabilities to us.

Reporting Security Issues

We encourage all users and partners to report potential security vulnerabilities to help us maintain the integrity of Milesight products.

Please submit reports using the following format:

Subject: Vulnerability Report - [Product Name] - [Brief Summary]
Submit to: security@milesight.com
Learn more: Milesight Vulnerability Reporting Policy

If you are interested in Milesight, please leave us a message.