CVE-2025-10169
BaseFortify
Publication date: 2025-09-09
Last updated on: 2025-09-11
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| utt | 1200gw | 3.0.0-170831 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This vulnerability can impact you by compromising the confidentiality, integrity, and availability of the affected device. An attacker can remotely exploit the buffer overflow to cause denial of service, potentially disrupting network connectivity or device operation. Since no authentication is required and exploits are publicly available, the risk of exploitation is high. There are no known mitigations or patches, so the device may remain vulnerable unless replaced. [2]
Can you explain this vulnerability to me?
CVE-2025-10169 is a critical buffer overflow vulnerability in the UTT 1200GW router firmware up to version 3.0.0-170831. It occurs due to improper handling of the 'ssid' argument in the /goform/ConfigWirelessBase file, where input data is copied without proper bounds checking, leading to a buffer overflow. This flaw allows an attacker to remotely exploit the device, potentially causing denial of service or other impacts by corrupting memory. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability can be attempted by monitoring network traffic for requests to the endpoint /goform/ConfigWirelessBase with suspicious or unusually large ssid parameters that could trigger the buffer overflow. Since the exploit involves sending crafted HTTP requests to this path, using tools like curl or wget to test the endpoint with oversized ssid values may help identify vulnerable devices. For example, a command like: curl -X POST http://<device-ip>/goform/ConfigWirelessBase -d "ssid=$(python3 -c 'print("A"*1000)')" could be used to test if the device crashes or behaves abnormally. Additionally, network intrusion detection systems (NIDS) can be configured to alert on HTTP POST requests to /goform/ConfigWirelessBase with large payloads or unusual ssid parameters. However, no specific detection commands or signatures are provided in the resources. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected UTT 1200GW device with an alternative product, as no patches or vendor fixes are available. Since the vulnerability can be exploited remotely without authentication, it is recommended to restrict network access to the device, such as limiting exposure to untrusted networks or applying firewall rules to block access to the /goform/ConfigWirelessBase endpoint. Monitoring for exploit attempts and disabling remote management features if possible can also reduce risk. Due to the lack of vendor response and no known mitigations, device replacement is the most reliable mitigation. [2]