UTT 进取 518G formRemoteControl sub_4247AC buffer overflow_CVE-2025-11651

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in UTT 进取 518G up to V3v3.2.7-210919-161313. This vulnerability affects the function sub_4247AC of the file /goform/formRemoteControl. The manipulation of the argument Profile leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-11651

Source VulDB

Published Oct 12, 2025 at 23:32

Affected Product

Vendor UTT

Product 进取 518G

Version V3v3.2.7-210919-161313

Affected Versions UTT 进取 518G V3v3.2.7-210919-161313

CWE Classification

CWE-120 CWE-119

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in UTT \u8fdb\u53d6 518G up to V3v3.2.7-210919-161313. This vulnerability affects the function sub_4247AC of the file /goform/formRemoteControl. The manipulation of the argument Profile leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-10-12T23:32:06.071Z",
    "modified": "2025-10-12T23:32:06.071Z",
    "type": "cve",
    "title": "UTT \u8fdb\u53d6 518G formRemoteControl sub_4247AC buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.328068\nhttps://vuldb.com/?ctiid.328068\nhttps://vuldb.com/?submit.664925\nhttps://github.com/cymiao1978/cve/blob/main/13.md\nhttps://github.com/cymiao1978/cve/blob/main/13.md#poc",
    "id": "CVE-2025-11651",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "UTT \u8fdb\u53d6 518G V3v3.2.7-210919-161313",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "\u8fdb\u53d6 518G",
    "version": "V3v3.2.7-210919-161313",
    "vendor": "UTT",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}