CVE 8.6 HIGH

UTT 进取 521G formPdbUpConfig sub_446B18 os command injection_CVE-2026-2188

February 8, 2026 invoker category_cve

8.6 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in UTT 进取 521G 3.1.1-190816. The impacted element is the function sub_446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.

AI Analysis

UTT 进取 521G is vulnerable to os command injection via the function sub_446B18 of the file /goform/formPdbUpConfig, allowing remote attackers to launch an attack.

Basic Information

ID CVE-2026-2188

Source VulDB

Published Feb 8, 2026 at 21:32

Affected Product

Vendor UTT

Product 进取 521G

Version 3.1.1-190816

Affected Versions UTT 进取 521G 3.1.1-190816

CWE Classification

CWE-78 CWE-77

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor UTT

Product 进取 521G

Version 3.1.1-190816

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in UTT \u8fdb\u53d6 521G 3.1.1-190816. The impacted element is the function sub_446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.",
    "published": "2026-02-08T21:32:06.327Z",
    "modified": "2026-02-08T21:32:06.327Z",
    "type": "cve",
    "title": "UTT \u8fdb\u53d6 521G formPdbUpConfig sub_446B18 os command injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.344891\nhttps://vuldb.com/?ctiid.344891\nhttps://vuldb.com/?submit.749733\nhttps://github.com/cha0yang1/UTT521G/blob/main/RCE2.md",
    "id": "CVE-2026-2188",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78",
        "CWE-77"
    ],
    "cvelist": null,
    "sourceData": "UTT \u8fdb\u53d6 521G 3.1.1-190816",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "\u8fdb\u53d6 521G",
    "version": "3.1.1-190816",
    "vendor": "UTT",
    "ai_description": "UTT \u8fdb\u53d6 521G is vulnerable to os command injection via the function sub_446B18 of the file /goform/formPdbUpConfig, allowing remote attackers to launch an attack.",
    "ai_severity": "High",
    "ai_vendor": "UTT",
    "ai_product": "\u8fdb\u53d6 521G",
    "ai_version": "3.1.1-190816",
    "ai_score": 8.6
}

💭 Join the Security Discussion ❌ Cancel Reply