ГлавнаяУязвимости → CVE-2025-15091
8.8высокая

CVE-2025-15091

Описание

A vulnerability was determined in UTT 进取 512W up to 1.7.7-171114. This issue affects the function strcpy of the file /goform/formPictureUrl. This manipulation of the argument importpictureurl causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

Затрагиваемое ПО
Utt 512w firmwareUtt 512w
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/cymiao1978/cve/blob/main/new/16.mdhttps://github.com/cymiao1978/cve/blob/main/new/16.md#pochttps://vuldb.com/?ctiid.338420https://vuldb.com/?id.338420https://vuldb.com/?submit.708350https://github.com/cymiao1978/cve/blob/main/new/16.md#poc