CVE-2023-32645

Name of the Vulnerable Software and Affected Versions Yifan YF325 version 1.0 20221108

Description A leftover debug code vulnerability exists in the httpd debug credentials functionality. This vulnerability can be triggered by a specially crafted network request, leading to authentication bypass. An attacker can exploit this issue by sending a network request.

Recommendations For Yifan YF325 version 1.0 20221108, consider disabling the httpd debug credentials functionality as a temporary workaround until a patch is available. Restrict access to the affected functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.