CVE-2023-31272

Name of the Vulnerable Software and Affected Versions Yifan YF325 version 1.0 20221108

Description A stack-based buffer overflow vulnerability exists in the httpd do wds functionality. A specially crafted network request can lead to stack-based buffer overflow, allowing an attacker to send a network request to trigger this vulnerability. This can potentially enable a remote attacker to execute arbitrary code.

Recommendations For Yifan YF325 version 1.0 20221108, as a temporary workaround, consider restricting access to the httpd do wds functionality until a patch is available. Avoid using the vulnerable functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.