CVE Details
Basic Information
| Title | UTT HiPER 840G API formP2PLimitConfig sub_484E40 buffer overflow |
|---|---|
| Type | cve |
| Published | 2025-06-26T23:00:13.348Z |
| Last Seen |
Product Information
| Vendor | UTT |
|---|---|
| Product | HiPER 840G |
| Version | 3.1.1-190328 |
CVSS Information
| Base Score | 8.7 (HIGH) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A critical buffer overflow vulnerability in UTT HiPER 840G’s API component allows remote attackers to cause a buffer overflow, potentially leading to system compromise. This issue is highly severe and has been publicly disclosed. |
|---|---|
| AI Severity | High |
| Vendor | UTT |
| Product | HiPER 840G |
| Affected Version | 3.1.1-190328 |
Affected Products
- UTT HiPER 840G 3.1.1-190328
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-120, CWE-119 |
| Bulletin Family |
References
Description
A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been rated as critical. This issue affects the function sub_484E40 of the file /goform/formP2PLimitConfig of the component API. The manipulation of the argument except leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.