EUVD-2023-38445

Malicious code in bioql PyPI...

The vulnerability of the `nvram_restore` function (libutils.so) in the industrial Wi-Fi router software Yifan YF325 allows a hacker to execute arbitrary code.

The vulnerability of the libutils.so function in the microcomputer software for industrial Wi-Fi routers, Yifan YF325, is related to reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2023-34365

A stack-based buffer overflow vulnerability exists in the libutils.so nvramrestore functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a buffer overflow. An attacker can send a network request to trigger this vulnerability...

CVE-2023-34365

A stack-based buffer overflow vulnerability exists in the libutils.so nvramrestore functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a buffer overflow. An attacker can send a network request to trigger this vulnerability...

CVE-2023-34365

A stack-based buffer overflow vulnerability exists in the libutils.so nvramrestore functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a buffer overflow. An attacker can send a network request to trigger this vulnerability...

CVE-2023-34365

Affected software: Yifan YF325 router (v1.0_20221108). Vulnerability: stack-based buffer overflow in libutils.so nvram_restore parsing. The nvram upload file is parsed in a loop reading key length (up to 255) into a 128-byte buffer, causing a stack overflow. This can be triggered by a specially c...

Yifan YF325 libutils.so nvram_restore stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1763 Yifan YF325 libutils.so nvramrestore stack-based buffer overflow vulnerability October 11, 2023 CVE Number CVE-2023-34365 SUMMARY A stack-based buffer overflow vulnerability exists in the libutils.so nvramrestore functionality of Yifan YF325 v1.020221108...