CVE Details
Basic Information
| Title | UTT 进取 750W API setSysAdm strcpy buffer overflow |
|---|---|
| Type | cve |
| Published | 2025-06-16T00:31:04.662Z |
| Last Seen |
Product Information
| Vendor | UTT |
|---|---|
| Product | 进取 750W |
| Version | 5.0 |
CVSS Information
| Base Score | 9.3 (CRITICAL) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A critical buffer overflow vulnerability exists in the UTT 进取 750W API up to version 5.0. The vulnerability is in the setSysAdm function and can be triggered by a remote attacker. The vendor was notified but did not respond. |
|---|---|
| AI Severity | Critical |
| Vendor | UTT |
| Product | 进取 750W |
| Affected Version | 5.0 |
Affected Products
- UTT 进取 750W 5.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-120, CWE-119 |
| Bulletin Family |
References
Description
A vulnerability was found in UTT 进取 750W up to 5.0. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the component API. The manipulation of the argument passwd1 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.