CVE Details
Basic Information
| Title | UTT HiPER 840G formPictureUrl buffer overflow |
|---|---|
| Type | cve |
| Published | 2025-07-07T07:32:05.386Z |
| Modified | 2025-07-07T07:32:05.386Z |
Product Information
| Vendor | UTT |
|---|---|
| Product | HiPER 840G |
| Version | 3.1.1-190328 |
CVSS Information
| Base Score | 8.7 (HIGH) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A critical buffer overflow vulnerability in UTT HiPER 840G version 3.1.1-190328 allows remote attackers to exploit the formPictureUrl parameter, leading to potential system compromise. The vendor has not responded to disclosure attempts. |
|---|---|
| AI Severity | Critical |
| AI Vendor | UTT |
| AI Product | HiPER 840G |
| AI Version | 3.1.1-190328 |
Affected Products
- UTT HiPER 840G 3.1.1-190328
Additional Information
| CWE List | CWE-120, CWE-119 |
|---|---|
| Source | VulDB |
Description
A vulnerability, which was classified as critical, has been found in UTT HiPER 840G up to 3.1.1-190328. This issue affects some unknown processing of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.