CVE-2025-7116
BaseFortify
Publication date: 2025-07-07
Last updated on: 2026-01-14
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| utt | 750w_firmware | to 3.2.2-191225 (inc) |
| utt | 750w | 5.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a critical buffer overflow in the UTT θΏε 750W router firmware up to version 3.2.2-191225. It occurs in the handling of the 'ssid' argument in the /goform/Fast_wireless_conf endpoint. The device copies input data without proper bounds checking, specifically using an unsafe strcpy operation, which leads to a buffer overflow. This flaw can be exploited remotely by an attacker without local access. [1, 2]
How can this vulnerability impact me? :
Exploiting this vulnerability can lead to denial of service (DoS) attacks against the router, and potentially compromise the confidentiality, integrity, and availability of the device. Since the attack can be initiated remotely and easily, it poses a significant security risk. There are no known patches or mitigations, so affected devices may need to be replaced to avoid exploitation. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring network traffic for requests to the endpoint /goform/Fast_wireless_conf that include unusually long or malformed 'ssid' parameters, which may indicate attempts to exploit the buffer overflow. Since the exploit involves sending crafted HTTP requests to the router, you can use tools like curl or wget to test the endpoint with oversized ssid values. For example, a command like: curl -X POST http://<router-ip>/goform/Fast_wireless_conf -d "ssid=$(python3 -c 'print("A"*500)')" could be used to test if the device is vulnerable by observing if it crashes or behaves abnormally. Additionally, network intrusion detection systems (NIDS) can be configured to alert on suspicious POST requests to this endpoint with large payloads. However, no specific detection commands or signatures are provided in the resources. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include discontinuing use of the affected UTT θΏε 750W device with firmware up to 3.2.2-191225, as no patches or vendor fixes are available. Consider replacing the vulnerable device with a secure alternative. Additionally, restrict remote access to the router's management interface to trusted networks only, and implement network-level protections such as firewall rules to block access to the /goform/Fast_wireless_conf endpoint. Monitoring for exploit attempts and isolating the device from untrusted networks can also reduce risk. Since the vendor has not provided any official mitigation, these steps are recommended to reduce exposure. [2]