Yifanwireless Yf325 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Yifanwireless Yf325 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2023-35968 — CVSS 9.8 (critical): Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A…
CVE-2023-35965 — CVSS 9.8 (critical): Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially…
CVE-2023-35966 — CVSS 9.8 (critical): Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially…
CVE-2023-35967 — CVSS 9.8 (critical): Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A…
CVE-2023-24479 — CVSS 9.8 (critical): An authentication bypass vulnerability exists in the httpd nvram.cgi functionality of Yifan YF325 v1.0_20221108. A specially crafted…
CVE-2023-32645 — CVSS 9.8 (critical): A leftover debug code vulnerability exists in the httpd debug credentials functionality of Yifan YF325 v1.0_20221108. A specially crafted…
CVE-2023-34346 — CVSS 9.8 (critical): A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.0_20221108. A specially…
CVE-2023-34365 — CVSS 9.8 (critical): A stack-based buffer overflow vulnerability exists in the libutils.so nvram_restore functionality of Yifan YF325 v1.0_20221108. A specially…
CVE-2023-34426 — CVSS 9.8 (critical): A stack-based buffer overflow vulnerability exists in the httpd manage_request functionality of Yifan YF325 v1.0_20221108. A specially…
CVE-2023-31272 — CVSS 8.8 (high): A stack-based buffer overflow vulnerability exists in the httpd do_wds functionality of Yifan YF325 v1.0_20221108. A specially crafted…
CVE-2023-32632 — CVSS 8.8 (high): A command execution vulnerability exists in the validate.so diag_ping_start functionality of Yifan YF325 v1.0_20221108. A specially crafted…
CVE-2023-35055 — CVSS 8.8 (high): A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network…
CVE-2023-35056 — CVSS 8.8 (high): A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network…