CVE-2023-35056
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the cgi_handler function.
Existe una vulnerabilidad de desbordamiento del búfer en la funcionalidad httpd next_page de Yifan YF325 v1.0_20221108. Una solicitud de red especialmente manipulada puede conducir a la ejecución de un comando. Un atacante puede enviar una solicitud de red para desencadenar esta vulnerabilidad. Este desbordamiento del búfer se encuentra en el parámetro next_page de la función cgi_handler.
*Credits:
Discovered by Francesco Benvenuto of Cisco Talos.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-06-12 CVE Reserved
- 2023-10-11 CVE Published
- 2024-09-18 CVE Updated
- 2024-11-12 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
- CWE-121: Stack-based Buffer Overflow
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://talosintelligence.com/vulnerability_reports/TALOS-2023-1761 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Yifanwireless Search vendor "Yifanwireless" | Yf325 Firmware Search vendor "Yifanwireless" for product "Yf325 Firmware" | 1.0_20221108 Search vendor "Yifanwireless" for product "Yf325 Firmware" and version "1.0_20221108" | - |
Affected
| in | Yifanwireless Search vendor "Yifanwireless" | Yf325 Search vendor "Yifanwireless" for product "Yf325" | - | - |
Safe
|