CVE 8.7 HIGH

UTT 进取 512W ConfigExceptMSN strcpy buffer overflow_CVE-2025-15092

December 25, 2025 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was identified in UTT 进取 512W up to 1.7.7-171114. Impacted is the function strcpy of the file /goform/ConfigExceptMSN. Such manipulation of the argument remark leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

AI Analysis

Buffer overflow vulnerability in UTT 进取 512W up to 1.7.7-171114 via the strcpy function in the /goform/ConfigExceptMSN file, allowing remote exploitation.

Basic Information

ID CVE-2025-15092

Source VulDB

Published Dec 26, 2025 at 00:02

Affected Product

Vendor UTT

Product 进取 512W

Version 1.7.7-171114

Affected Versions UTT 进取 512W 1.7.7-171114

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor UTT

Product 进取 512W

Version 1.7.7-171114

References

{
    "lastseen": "",
    "description": "A vulnerability was identified in UTT \u8fdb\u53d6 512W up to 1.7.7-171114. Impacted is the function strcpy of the file /goform/ConfigExceptMSN. Such manipulation of the argument remark leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used.",
    "published": "2025-12-26T00:02:06.954Z",
    "modified": "2025-12-26T00:02:06.954Z",
    "type": "cve",
    "title": "UTT \u8fdb\u53d6 512W ConfigExceptMSN strcpy buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.338421\nhttps://vuldb.com/?ctiid.338421\nhttps://vuldb.com/?submit.708351\nhttps://github.com/cymiao1978/cve/blob/main/new/17.md\nhttps://github.com/cymiao1978/cve/blob/main/new/17.md#poc",
    "id": "CVE-2025-15092",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "UTT \u8fdb\u53d6 512W 1.7.7-171114",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "\u8fdb\u53d6 512W",
    "version": "1.7.7-171114",
    "vendor": "UTT",
    "ai_description": "Buffer overflow vulnerability in UTT \u8fdb\u53d6 512W up to 1.7.7-171114 via the strcpy function in the /goform/ConfigExceptMSN file, allowing remote exploitation.",
    "ai_severity": "High",
    "ai_vendor": "UTT",
    "ai_product": "\u8fdb\u53d6 512W",
    "ai_version": "1.7.7-171114",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply