UTT HiPER 2620G fNTP strcpy buffer overflow_CVE-2025-11653

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in UTT HiPER 2620G up to 3.1.4. Impacted is the function strcpy of the file /goform/fNTP. This manipulation of the argument NTPServerIP causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-11653

Source VulDB

Published Oct 13, 2025 at 00:32

Affected Product

Vendor UTT

Product HiPER 2620G

Version 3.1.0

Affected Versions UTT HiPER 2620G 3.1.0
UTT HiPER 2620G 3.1.1
UTT HiPER 2620G 3.1.2
UTT HiPER 2620G 3.1.3
UTT HiPER 2620G 3.1.4

CWE Classification

CWE-120 CWE-119

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in UTT HiPER 2620G up to 3.1.4. Impacted is the function strcpy of the file /goform/fNTP. This manipulation of the argument NTPServerIP causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-10-13T00:32:05.055Z",
    "modified": "2025-10-13T00:32:05.055Z",
    "type": "cve",
    "title": "UTT HiPER 2620G fNTP strcpy buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.328070\nhttps://vuldb.com/?ctiid.328070\nhttps://vuldb.com/?submit.665712\nhttps://github.com/ashin9/CVE/issues/2",
    "id": "CVE-2025-11653",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "UTT HiPER 2620G 3.1.0\nUTT HiPER 2620G 3.1.1\nUTT HiPER 2620G 3.1.2\nUTT HiPER 2620G 3.1.3\nUTT HiPER 2620G 3.1.4",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "HiPER 2620G",
    "version": "3.1.0",
    "vendor": "UTT",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}