CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-35965
https://notcve.org/view.php?id=CVE-2023-35965
Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the malloc function. Existen dos vulnerabilidades de desbordamiento de búfer basadas en la funcionalidad httpd Manage_post de Yifan YF325 v1.0_20221108. Una solicitud de red especialmente manipulada puede provocar un desbordamiento del búfer. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1787 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-35968
https://notcve.org/view.php?id=CVE-2023-35968
Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the realloc function. Existen dos vulnerabilidades de desbordamiento de búfer en la funcionalidad gwcfg_cgi_set_manage_post_data de Yifan YF325 v1.0_20221108. Una solicitud de red especialmente manipulada puede provocar un desbordamiento del búfer. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1788 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-35967
https://notcve.org/view.php?id=CVE-2023-35967
Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the malloc function. Existen dos vulnerabilidades de desbordamiento de búfer en la funcionalidad gwcfg_cgi_set_manage_post_data de Yifan YF325 v1.0_20221108. Una solicitud de red especialmente manipulada puede provocar un desbordamiento del búfer. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1788 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •