UTT 1250GW formUserStatusRemark strcpy buffer overflow_CVE-2025-11323

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in UTT 1250GW up to v2v3.2.2-200710. Affected is the function strcpy of the file /goform/formUserStatusRemark. This manipulation of the argument Username causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-11323

Source VulDB

Published Oct 6, 2025 at 06:02

Affected Product

Vendor UTT

Product 1250GW

Version v2v3.2.2-200710

Affected Versions UTT 1250GW v2v3.2.2-200710

CWE Classification

CWE-120 CWE-119

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in UTT 1250GW up to v2v3.2.2-200710. Affected is the function strcpy of the file /goform/formUserStatusRemark. This manipulation of the argument Username causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-10-06T06:02:06.891Z",
    "modified": "2025-10-06T06:02:06.891Z",
    "type": "cve",
    "title": "UTT 1250GW formUserStatusRemark strcpy buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.327206\nhttps://vuldb.com/?ctiid.327206\nhttps://vuldb.com/?submit.664524\nhttps://github.com/DavCloudz/cve/issues/3",
    "id": "CVE-2025-11323",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "UTT 1250GW v2v3.2.2-200710",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "1250GW",
    "version": "v2v3.2.2-200710",
    "vendor": "UTT",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}