CVE 8.7 HIGH

UTT 进取 512W formFtpServerDirConfig strcpy buffer overflow_CVE-2025-15431

January 2, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A flaw has been found in UTT 进取 512W 1.7.7-171114. This affects the function strcpy of the file /goform/formFtpServerDirConfig. Executing manipulation of the argument filename can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Buffer overflow vulnerability in UTT 进取 512W via manipulation of the filename argument in the formFtpServerDirConfig function

Basic Information

ID CVE-2025-15431

Source VulDB

Published Jan 2, 2026 at 06:02

Affected Product

Vendor UTT

Product 进取 512W

Version 1.7.7-171114

Affected Versions UTT 进取 512W 1.7.7-171114

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor UTT

Product 进取 512W

Version 1.7.7-171114

References

{
    "lastseen": "",
    "description": "A flaw has been found in UTT \u8fdb\u53d6 512W 1.7.7-171114. This affects the function strcpy of the file /goform/formFtpServerDirConfig. Executing manipulation of the argument filename can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-01-02T06:02:05.648Z",
    "modified": "2026-01-02T06:02:05.648Z",
    "type": "cve",
    "title": "UTT \u8fdb\u53d6 512W formFtpServerDirConfig strcpy buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.339353\nhttps://vuldb.com/?ctiid.339353\nhttps://vuldb.com/?submit.721889\nhttps://github.com/GUOTINGTING2297/cve/blob/main/1234/21.md\nhttps://github.com/GUOTINGTING2297/cve/blob/main/1234/21.md#poc",
    "id": "CVE-2025-15431",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "UTT \u8fdb\u53d6 512W 1.7.7-171114",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "\u8fdb\u53d6 512W",
    "version": "1.7.7-171114",
    "vendor": "UTT",
    "ai_description": "Buffer overflow vulnerability in UTT \u8fdb\u53d6 512W via manipulation of the filename argument in the formFtpServerDirConfig function",
    "ai_severity": "High",
    "ai_vendor": "UTT",
    "ai_product": "\u8fdb\u53d6 512W",
    "ai_version": "1.7.7-171114",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply