CVE-2025-7570
BaseFortify
Publication date: 2025-07-14
Last updated on: 2025-07-15
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| utt | hiper_840g | 3.1.1-190328 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7570 is a critical buffer overflow vulnerability in the UTT HiPER 840G router firmware up to version 3.1.1-190328. It occurs in the handling of the parameter 'remoteSrcTemp' in the file /goform/aspRemoteApConfTempSend. The router uses an unsafe function call to copy data without checking the size, allowing an attacker to overflow the buffer remotely. This can lead to denial of service or arbitrary code execution. [1, 2]
How can this vulnerability impact me? :
This vulnerability can be exploited remotely to cause denial of service (DoS) or to execute arbitrary code on the affected router. This compromises the confidentiality, integrity, and availability of the device, potentially disrupting network operations and exposing the system to further attacks. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can be attempted by monitoring network traffic for HTTP requests targeting the endpoint /goform/aspRemoteApConfTempSend with unusually large or malformed remoteSrcTemp parameters that could trigger the buffer overflow. Since the vulnerability involves a buffer overflow via the remoteSrcTemp argument, commands like using curl or wget to send crafted requests to the endpoint could help test if the system is vulnerable. For example, a command to test might be: curl -X POST http://<router-ip>/route/goform/aspRemoteApConfTempSend -d "remoteSrcTemp=$(python3 -c 'print("A"*1000)')". Additionally, network intrusion detection systems (NIDS) can be configured to alert on suspicious POST requests to this endpoint with large payloads. However, no specific detection tools or signatures are provided. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include discontinuing use of the affected UTT HiPER 840G firmware versions up to 3.1.1-190328, as no vendor patches or countermeasures are available. It is recommended to replace the affected product with an alternative device. Additionally, restricting network access to the vulnerable endpoint by firewall rules or network segmentation to prevent remote exploitation can reduce risk. Monitoring for exploit attempts and disabling remote management if possible are also advisable interim measures. [2]