UTT 进取 512W formWebAuthGlobalConfig memory corruption_CVE-2025-14572

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This affects an unknown part of the file /goform/formWebAuthGlobalConfig. Performing manipulation of the argument hidcontact results in memory corruption. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-14572

Source VulDB

Published Dec 12, 2025 at 19:32

Modified Dec 12, 2025 at 20:06

Affected Product

Vendor UTT

Product 进取 512W

Version 1.7.7-171114

Affected Versions UTT 进取 512W 1.7.7-171114

CWE Classification

CWE-119

References

{
    "lastseen": "",
    "description": "A vulnerability was found in UTT \u8fdb\u53d6 512W up to 1.7.7-171114. This affects an unknown part of the file /goform/formWebAuthGlobalConfig. Performing manipulation of the argument hidcontact results in memory corruption. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-12-12T19:32:06.657Z",
    "modified": "2025-12-12T20:06:23.309Z",
    "type": "cve",
    "title": "UTT \u8fdb\u53d6 512W formWebAuthGlobalConfig memory corruption",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.336196\nhttps://vuldb.com/?ctiid.336196\nhttps://vuldb.com/?submit.704107\nhttps://github.com/alc9700jmo/CVE/issues/21",
    "id": "CVE-2025-14572",
    "bulletinFamily": "",
    "cwe": [
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "UTT \u8fdb\u53d6 512W 1.7.7-171114",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "\u8fdb\u53d6 512W",
    "version": "1.7.7-171114",
    "vendor": "UTT",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}