Skip to main content

Yf325 Firmware

13 CVEs product

Monthly

CVE-2023-35968 CRITICAL Act Now

Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-35967 CRITICAL Act Now

Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-35966 CRITICAL Act Now

Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-35965 CRITICAL Act Now

Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-35056 CRITICAL Act Now

A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-35055 CRITICAL Act Now

A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-34426 CRITICAL Act Now

A stack-based buffer overflow vulnerability exists in the httpd manage_request functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-34365 CRITICAL Act Now

A stack-based buffer overflow vulnerability exists in the libutils.so nvram_restore functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-34346 CRITICAL Act Now

A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-32645 CRITICAL Act Now

A leftover debug code vulnerability exists in the httpd debug credentials functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
53.8%
CVE-2023-32632 CRITICAL Act Now

A command execution vulnerability exists in the validate.so diag_ping_start functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-31272 CRITICAL Act Now

A stack-based buffer overflow vulnerability exists in the httpd do_wds functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-24479 CRITICAL Act Now

An authentication bypass vulnerability exists in the httpd nvram.cgi functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Yf325 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.7%
EPSS 1% CVSS 9.8
CRITICAL Act Now

Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Yf325 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Yf325 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Yf325 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Yf325 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Yf325 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Yf325 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A stack-based buffer overflow vulnerability exists in the httpd manage_request functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Yf325 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A stack-based buffer overflow vulnerability exists in the libutils.so nvram_restore functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Yf325 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Yf325 Firmware
NVD
EPSS 54% CVSS 9.8
CRITICAL Act Now

A leftover debug code vulnerability exists in the httpd debug credentials functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Yf325 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A command execution vulnerability exists in the validate.so diag_ping_start functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Yf325 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A stack-based buffer overflow vulnerability exists in the httpd do_wds functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Yf325 Firmware
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

An authentication bypass vulnerability exists in the httpd nvram.cgi functionality of Yifan YF325 v1.0_20221108. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Yf325 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy