yifanwireless CVE Vulnerabilities & Metrics

Focus on yifanwireless vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About yifanwireless Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with yifanwireless. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total yifanwireless CVEs: 13
Earliest CVE date: 11 Oct 2023, 16:15 UTC
Latest CVE date: 11 Oct 2023, 16:15 UTC

Latest CVE reference: CVE-2023-35968

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): -100.0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): -100.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical yifanwireless CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 0.0

Max CVSS: 0

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	13
4.0-6.9	0
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS yifanwireless CVEs

These are the five CVEs with the highest CVSS scores for yifanwireless, sorted by severity first and recency.

CVE-2023-35968 yifanwireless Published on 11 Oct 2023, 16:15 UTC (CVSS: 0)
Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the realloc function.
CVE-2023-35967 yifanwireless Published on 11 Oct 2023, 16:15 UTC (CVSS: 0)
Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the malloc function.
CVE-2023-35966 yifanwireless Published on 11 Oct 2023, 16:15 UTC (CVSS: 0)
Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the realloc function.
CVE-2023-35965 yifanwireless Published on 11 Oct 2023, 16:15 UTC (CVSS: 0)
Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the malloc function.
CVE-2023-35056 yifanwireless Published on 11 Oct 2023, 16:15 UTC (CVSS: 0)
A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the cgi_handler function.

All CVEs for yifanwireless

CVE-2023-35968 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the realloc function.

CVE-2023-35967 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

CVE-2023-35966 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the realloc function.

CVE-2023-35965 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

CVE-2023-35056 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the cgi_handler function.

CVE-2023-35055 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

CVE-2023-34426 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

A stack-based buffer overflow vulnerability exists in the httpd manage_request functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability.

CVE-2023-34365 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

A stack-based buffer overflow vulnerability exists in the libutils.so nvram_restore functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a buffer overflow. An attacker can send a network request to trigger this vulnerability.

CVE-2023-34346 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.0_20221108. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability.

CVE-2023-32645 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

A leftover debug code vulnerability exists in the httpd debug credentials functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to authentication bypass. An attacker can send a network request to trigger this vulnerability.

CVE-2023-32632 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

A command execution vulnerability exists in the validate.so diag_ping_start functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.

CVE-2023-31272 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

A stack-based buffer overflow vulnerability exists in the httpd do_wds functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability.

CVE-2023-24479 yifanwireless vulnerability CVSS: 0 11 Oct 2023, 16:15 UTC

An authentication bypass vulnerability exists in the httpd nvram.cgi functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.