2 matches found
CVE-2023-35966
Two CVEs (CVE-2023-35965 and CVE-2023-35966) affect Yifan YF325 v1.0_20221108 in the httpd manage_post API. Talos detail shows an integer overflow in Content-Length handling that triggers a heap overflow: CVE-35965 via malloc(content_length+1) and CVE-35966 via realloc(content_length+1), with a s...
CVE-2023-35966
Two heap-based buffer overflow vulnerabilities exist in the httpd managepost functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is...