3 matches found
CVE-2023-31272
The CVE affects Yifan YF325, version v1.0_20221108, where the httpd do_wds endpoint copies URL_path into a fixed-size buffer using strcpy without length checks, causing a stack-based buffer overflow. This can be triggered by a specially crafted network request (no authentication required) and Tal...
CVE-2023-31272
A stack-based buffer overflow vulnerability exists in the httpd dowds functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability...
Yifan YF325 httpd do_wds stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1765 Yifan YF325 httpd dowds stack-based buffer overflow vulnerability October 11, 2023 CVE Number CVE-2023-31272 SUMMARY A stack-based buffer overflow vulnerability exists in the httpd dowds functionality of Yifan YF325 v1.020221108. A specially crafted...