Yifanwireless: Security Vulnerabilities
An authentication bypass vulnerability exists in the httpd nvram.cgi functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-10-11
A stack-based buffer overflow vulnerability exists in the httpd do_wds functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-10-11
A command execution vulnerability exists in the validate.so diag_ping_start functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-10-11
Page 2