The vulnerability of the httpd do_wds function in the microprogramming software for industrial Wi-Fi routers Yifan YF325 allows a hacker to execute arbitrary code.

The vulnerability of the dowds function in the microprogramming-based industrial Wi-Fi routers from Yifan YF325 relates to reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2023-31272

A stack-based buffer overflow vulnerability exists in the httpd dowds functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability...

Stack overflow

A stack-based buffer overflow vulnerability exists in the httpd dowds functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability...

CVE-2023-31272

A stack-based buffer overflow vulnerability exists in the httpd dowds functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability...

CVE-2023-31272

The CVE affects Yifan YF325, version v1.0_20221108, where the httpd do_wds endpoint copies URL_path into a fixed-size buffer using strcpy without length checks, causing a stack-based buffer overflow. This can be triggered by a specially crafted network request (no authentication required) and Tal...