CVE-2025-14139
BaseFortify
Publication date: 2025-12-06
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| utt | 520w_firmware | 1.7.7-180627 |
| utt | 520w | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a buffer overflow in the strcpy function within the /goform/formConfigDnsFilterGlobal file of UTT θΏε 520W 1.7.7-180627. It occurs when the argument timeRangeName is manipulated, leading to memory corruption. The vulnerability has been publicly disclosed and can be exploited.
How can this vulnerability impact me? :
The vulnerability can lead to a buffer overflow, which may cause denial of service or potentially allow an attacker to execute arbitrary code or disrupt the availability of the affected system. According to the CVSS scores, it impacts availability but not confidentiality or integrity.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can be performed by monitoring HTTP requests to the endpoint /goform/formConfigDnsFilterGlobal for suspicious or unusually large values in the timeRangeName parameter that could trigger the buffer overflow. Since the vulnerability involves a strcpy buffer overflow via this parameter, inspecting web traffic or logs for attempts to exploit this parameter is recommended. Specific commands are not provided in the resources, but network monitoring tools like tcpdump or Wireshark can be used to capture HTTP requests to this endpoint. For example, using tcpdump: tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' and then filtering for /goform/formConfigDnsFilterGlobal in the HTTP request payload. Alternatively, web server logs can be searched for requests containing /goform/formConfigDnsFilterGlobal and suspicious timeRangeName parameters. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
There are no known vendor-provided mitigations or patches for this vulnerability as the vendor did not respond to the disclosure. Immediate mitigation steps include considering replacing the affected product (UTT θΏε 520W version 1.7.7-180627) with a secure alternative. Additionally, restricting access to the vulnerable endpoint by limiting network exposure, applying firewall rules to block or filter requests to /goform/formConfigDnsFilterGlobal, and monitoring for exploit attempts can help reduce risk. Since the exploit is publicly available and remotely exploitable, minimizing network exposure and replacing the device are the recommended immediate actions. [2]