CVE-2025-7118
Analyzed Analyzed - Analysis Complete
BaseFortify

Publication date: 2025-07-07

Last updated on: 2026-01-08

Assigner: VulDB

Description
A vulnerability, which was classified as critical, has been found in UTT HiPER 840G up to 3.1.1-190328. This issue affects some unknown processing of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-07
Last Modified
2026-01-08
Generated
2026-05-07
AI Q&A
2025-07-07
EPSS Evaluated
2026-05-05
NVD
CVE-2025-7118
EUVD
EUVD-2025-20200
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
utt 840g_firmware to 3.1.1-190328 (inc)
utt 840g 3.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-7118 is a critical buffer overflow vulnerability in the UTT HiPER 840G router firmware up to version 3.1.1-190328. It occurs due to improper handling of the 'importpictureurl' argument in the /goform/formPictureUrl endpoint, where unsafe copying of input data leads to a buffer overflow. This flaw allows an attacker to remotely execute an attack without local access, potentially compromising the system's confidentiality, integrity, and availability. [1, 2]


How can this vulnerability impact me? :

This vulnerability can be exploited remotely to cause a buffer overflow, which may lead to denial of service (DoS) by crashing the device or potentially allow further compromise of the system's confidentiality, integrity, and availability. The exploit is easy to perform and publicly available, making affected devices highly vulnerable to attacks that can disrupt network operations or lead to unauthorized access. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring network traffic for HTTP requests targeting the endpoint `/goform/formPictureUrl` with the parameter `importpictureurl`. Suspiciously long or malformed values in this parameter may indicate an attempt to exploit the buffer overflow. You can use tools like curl or wget to test the endpoint manually, for example: `curl -v 'http://<target-ip>/goform/formPictureUrl?importpictureurl=<long_string>'`. Additionally, network intrusion detection systems (NIDS) can be configured to alert on such requests. However, no specific detection commands or signatures are provided in the available information. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include discontinuing use of the affected UTT HiPER 840G firmware versions up to 3.1.1-190328, as no patches or vendor fixes are available. It is recommended to replace the affected device with an alternative product. Since the vulnerability can be exploited remotely, restricting network access to the device, such as blocking access to the `/goform/formPictureUrl` endpoint via firewall rules or network segmentation, may reduce exposure. Monitoring for exploit attempts and applying general network security best practices are also advised. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart