CVE-2025-15092
Remote Buffer Overflow in UTT 进取 512W strcpy Function
Publication date: 2025-12-26
Last updated on: 2025-12-26
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| utt | 进取_512w | 1.7.7-171114 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-15092 is a critical buffer overflow vulnerability in the UTT 进取 512W device, affecting versions up to 1.7.7-171114. It occurs in the strcpy function within the /goform/ConfigExceptMSN file, where the 'remark' argument can be manipulated with input exceeding the buffer size. This lack of input size validation causes a buffer overflow, allowing remote attackers to exploit the flaw without authentication. The vulnerability can lead to arbitrary code execution or denial of service. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by compromising the confidentiality, integrity, and availability of the affected device. An attacker can remotely exploit the buffer overflow to execute arbitrary code or cause denial of service, potentially disrupting device operation or gaining unauthorized control. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring or testing the router's endpoint /goform/ConfigExceptMSN for abnormal behavior or by sending crafted input to this endpoint to check for buffer overflow symptoms. Since the vulnerability is triggered by manipulating the 'remark' argument in the strcpy function, detection can involve sending test requests with oversized 'remark' parameters and observing for crashes or unexpected responses. Specific commands are not provided in the resources, but using tools like curl or custom scripts to send HTTP POST requests to /goform/ConfigExceptMSN with large payloads in the 'remark' parameter could help detect the vulnerability. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include considering replacing the affected UTT 进取 512W device or applying vendor patches if available. Since no known countermeasures or mitigations have been identified, it is recommended to monitor for vendor updates and avoid exposing the vulnerable endpoint to untrusted networks. Network-level protections such as firewall rules to restrict access to the /goform/ConfigExceptMSN endpoint may also help reduce risk until a patch is applied. [1]