CVE 8.6 HIGH

UTT 进取 521G setSysAdm doSystem command injection_CVE-2026-2182

February 8, 2026 invoker category_cve

8.6 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in UTT 进取 521G 3.1.1-190816. Affected by this issue is the function doSystem of the file /goform/setSysAdm. Executing a manipulation of the argument passwd1 can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.

AI Analysis

Command injection vulnerability in UTT 进取 521G setSysAdm doSystem function

Basic Information

ID CVE-2026-2182

Source VulDB

Published Feb 8, 2026 at 20:02

Affected Product

Vendor UTT

Product 进取 521G

Version 3.1.1-190816

Affected Versions UTT 进取 521G 3.1.1-190816

CWE Classification

CWE-77 CWE-74

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor UTT

Product 进取 521G

Version 3.1.1-190816

References

{
    "lastseen": "",
    "description": "A weakness has been identified in UTT \u8fdb\u53d6 521G 3.1.1-190816. Affected by this issue is the function doSystem of the file /goform/setSysAdm. Executing a manipulation of the argument passwd1 can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.",
    "published": "2026-02-08T20:02:06.826Z",
    "modified": "2026-02-08T20:02:06.826Z",
    "type": "cve",
    "title": "UTT \u8fdb\u53d6 521G setSysAdm doSystem command injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.344885\nhttps://vuldb.com/?ctiid.344885\nhttps://vuldb.com/?submit.749712\nhttps://github.com/cha0yang1/UTT521G/blob/main/RCE1.md\nhttps://github.com/cha0yang1/UTT521G/blob/main/RCE1.md#poc",
    "id": "CVE-2026-2182",
    "bulletinFamily": "",
    "cwe": [
        "CWE-77",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "UTT \u8fdb\u53d6 521G 3.1.1-190816",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "\u8fdb\u53d6 521G",
    "version": "3.1.1-190816",
    "vendor": "UTT",
    "ai_description": "Command injection vulnerability in UTT \u8fdb\u53d6 521G setSysAdm doSystem function",
    "ai_severity": "High",
    "ai_vendor": "UTT",
    "ai_product": "\u8fdb\u53d6 521G",
    "ai_version": "3.1.1-190816",
    "ai_score": 8.6
}

💭 Join the Security Discussion ❌ Cancel Reply