CVE-2026-2066
Remote Buffer Overflow in UTT 进取 520W strcpy Function
Publication date: 2026-02-06
Last updated on: 2026-02-10
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| utt | 520w_firmware | 1.7.7-180627 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-2066 is a critical buffer overflow vulnerability in the UTT 进取 520W device, version 1.7.7-180627. It occurs in a strcpy call within the file /goform/formIpGroupConfig, where the input argument groupName is copied without checking its size against the destination buffer. An attacker can overflow the buffer by sending specially crafted input.
The vulnerability is a classic example of CWE-120 (buffer copy without checking the size of the input) and CWE-119. It can be exploited remotely, without physical or local access. The exploit is publicly available and considered easy to execute.
How can this vulnerability impact me?
Exploiting this vulnerability can impact the confidentiality, integrity, and availability of the affected system. An attacker can remotely execute a buffer overflow attack, potentially leading to denial-of-service (DoS) conditions or other malicious actions against the router.
Because the vulnerability allows remote exploitation without user interaction, it poses a high risk. The attack can disrupt network operations or allow further compromise of the device.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves a buffer overflow in the function strcpy within the file /goform/formIpGroupConfig of the UTT 进取 520W 1.7.7-180627 router. Detection would involve monitoring or testing the endpoint /goform/formIpGroupConfig for abnormal behavior or attempts to exploit the groupName parameter.
Since the exploit is publicly available and the attack is remotely executable, one could attempt to detect exploitation attempts by capturing and analyzing network traffic targeting the /goform/formIpGroupConfig endpoint, looking for unusually long or malformed groupName parameters.
No specific detection commands or signatures are provided in the available resources.
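The traffic check described above, as an added example that is not from the advisory or the vendor: it parses raw HTTP requests and flags groupName values sent to /goform/formIpGroupConfig that are oversized in bytes or contain control bytes. The 64-byte limit, the sample requests and the /other path are assumptions constructed for illustration; the page gives no buffer size.

```python
from urllib.parse import parse_qsl, unquote, urlsplit

ENDPOINT = "/goform/formIpGroupConfig"  # path named in the advisory
PARAM = "groupName"                     # parameter named in the advisory
MAX_NAME_BYTES = 64  # ASSUMPTION: page gives no buffer size; tune to your naming policy

def check_request(raw: bytes) -> list:
    """Return findings for one raw HTTP request; an empty list means nothing flagged."""
    head, _, body = raw.partition(b"\r\n\r\n")
    parts = head.split(b"\r\n", 1)[0].decode("latin-1").split(" ")
    if len(parts) < 2:
        return []
    target = urlsplit(parts[1])
    if unquote(target.path).rstrip("/") != ENDPOINT:
        return []
    # latin-1 maps every decoded byte to one character, so len() counts bytes,
    # which is what strcpy copies (a multi-byte name is longer than it looks).
    fields = parse_qsl(target.query, keep_blank_values=True, encoding="latin-1")
    fields += parse_qsl(body.decode("latin-1"), keep_blank_values=True, encoding="latin-1")
    findings = []
    for key, value in fields:
        if key != PARAM:
            continue
        if len(value) > MAX_NAME_BYTES:
            findings.append(("oversize", len(value)))
        if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in value):
            findings.append(("control-bytes", len(value)))
    return findings

def sample_post(path: str, form: str) -> bytes:
    """Build a constructed sample request (not captured traffic)."""
    return (f"POST {path} HTTP/1.1\r\nHost: 192.0.2.1\r\n"
            f"Content-Type: application/x-www-form-urlencoded\r\n"
            f"Content-Length: {len(form)}\r\n\r\n{form}").encode("latin-1")

# Constructed samples: a normal name, an oversized one, a control byte, another path.
SAMPLES = {
    "normal": sample_post(ENDPOINT, "groupName=staff&page=1"),
    "oversize": sample_post(ENDPOINT, "groupName=" + "A" * 300),
    "control": sample_post(ENDPOINT, "groupName=ab%01cd"),
    "other-path": sample_post("/other", "groupName=" + "A" * 300),  # hypothetical path
}

if __name__ == "__main__":
    for label, request in SAMPLES.items():
        print(label, check_request(request))
```

The same length rule can be carried over to an IPS or reverse-proxy policy in front of the device's management interface.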
What immediate steps should I take to mitigate this vulnerability?
No official mitigations or patches have been provided by the vendor, as they did not respond to the disclosure.
As an immediate mitigation, consider replacing the affected product to avoid exposure to this critical buffer overflow vulnerability.
Additionally, restricting remote access to the vulnerable endpoint /goform/formIpGroupConfig or implementing network-level protections such as firewalls or intrusion prevention systems to block exploit attempts may help reduce risk.