Description

A vulnerability was identified in UTT 进取 512W up to 1.7.7-171114. Impacted is the function strcpy of the file /goform/ConfigExceptMSN. Such manipulation of the argument remark leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

Related CPE's

Could not find any relations

References

https://github.com/cymiao1978/cve/blob/main/new/17.md

https://github.com/cymiao1978/cve/blob/main/new/17.md#poc

https://vuldb.com/?ctiid.338421

https://vuldb.com/?id.338421

https://vuldb.com/?submit.708351

Weaknesses

[email protected]

Primary
CWE-119CWE-120

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Received

Published

2025-12-26T01:15:58.440

4 hours ago

Last modified

2025-12-26T01:15:58.440

4 hours ago