CVE 8.7 HIGH

UTT 1200GW formApLbConfig sub_4B48F8 buffer overflow_CVE-2025-10170

September 9, 2025 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in UTT 1200GW up to 3.0.0-170831. This affects the function sub_4B48F8 of the file /goform/formApLbConfig. Such manipulation of the argument loadBalanceNameOld leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Buffer overflow vulnerability in UTT 1200GW firmware affecting the formApLbConfig functionality, allowing remote attackers to execute arbitrary code via crafted input.

Basic Information

ID CVE-2025-10170

Source VulDB

Published Sep 9, 2025 at 21:02

Affected Product

Vendor UTT

Product 1200GW

Version 3.0.0-170831

Affected Versions UTT 1200GW 3.0.0-170831

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity HIGH

Vendor UTT

Product 1200GW

Version 3.0.0-170831

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in UTT 1200GW up to 3.0.0-170831. This affects the function sub_4B48F8 of the file /goform/formApLbConfig. Such manipulation of the argument loadBalanceNameOld leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-09-09T21:02:09.730Z",
    "modified": "2025-09-09T21:02:09.730Z",
    "type": "cve",
    "title": "UTT 1200GW formApLbConfig sub_4B48F8 buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.323205\nhttps://vuldb.com/?ctiid.323205\nhttps://vuldb.com/?submit.636697\nhttps://github.com/lin-3-start/lin-cve/blob/main/UTT%201200GW-2/UTT%201200GW-2.md",
    "id": "CVE-2025-10170",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "UTT 1200GW 3.0.0-170831",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "1200GW",
    "version": "3.0.0-170831",
    "vendor": "UTT",
    "ai_description": "Buffer overflow vulnerability in UTT 1200GW firmware affecting the formApLbConfig functionality, allowing remote attackers to execute arbitrary code via crafted input.",
    "ai_severity": "HIGH",
    "ai_vendor": "UTT",
    "ai_product": "1200GW",
    "ai_version": "3.0.0-170831",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply