CVE-2026-0837
Remote Buffer Overflow in UTT 进取 520W strcpy Function
Publication date: 2026-01-11
Last updated on: 2026-01-11
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| utt | 进取_520w | 1.7.7-180627 |
| utt | 进取_520w | v3v1.7.7-180627 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the UTT 进取 520W 1.7.7-180627 device, specifically in the strcpy function of the /goform/formFireWall file. Manipulating the GroupName argument can cause a buffer overflow, which means an attacker can overwrite memory and potentially execute arbitrary code. The attack can be performed remotely, and an exploit is publicly available.
How can this vulnerability impact me? :
The vulnerability can allow a remote attacker to cause a buffer overflow by manipulating the GroupName argument, potentially leading to arbitrary code execution. This can compromise the affected device's confidentiality, integrity, and availability, allowing unauthorized access or control.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring access attempts to the endpoint /goform/formFireWall with suspicious or unusually large input in the GroupName parameter, which triggers the buffer overflow. Since the exploit is publicly available, network intrusion detection systems (NIDS) can be configured to look for exploit signatures targeting this endpoint. However, no specific detection commands are provided in the resources. It is recommended to monitor HTTP requests to /goform/formFireWall for abnormal payload sizes or patterns indicative of buffer overflow attempts. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
No known mitigations or countermeasures have been identified for this vulnerability. The vendor did not respond to the disclosure, and it is suggested to consider replacing the affected product (UTT 进取 520W version 1.7.7-180627) to mitigate the risk. Immediate steps include restricting remote access to the vulnerable endpoint, monitoring for exploit attempts, and planning for device replacement. [1]