إرسال #847632: UTT HiPER 1250GW <=v3.2.7-210907-180535 Stack-based Buffer Overflowالمعلومات

عنوانUTT HiPER 1250GW <=v3.2.7-210907-180535 Stack-based Buffer Overflow
الوصفA buffer overflow vulnerability exists in UTT HiPER 1250GW router with firmware version <=v3.2.7-210907-180535. The vulnerability is located at the web endpoint /goform/ConfigWirelessBase_5g, triggered by the POST parameter ssid. Unsafe function strcpy((char *)(v8 + 40), src_1); is used without bounds checking. Supplying an overlong SSID payload leads to memory corruption and remote denial of service, crashing the target router. The vendor UTT has been notified via official email [email protected], complete sent mail record is available. No CVE-ID has been assigned to this flaw before. This vulnerability was previously submitted to CNVD for vulnerability filing but got rejected without any assigned CVE number. Valid POST POC is ready to reproduce the crash.
المصدر⚠️ https://github.com/J-CLOWN-TAROT/UTT
المستخدم
 tarot0 (UID 98756)
ارسال04/06/2026 12:18 PM (1 شهر منذ)
الاعتدال04/07/2026 09:58 AM (30 days later)
الحالةتمت الموافقة
إدخال VulDB376308 [UTT HiPER 1250GW حتى 3.2.7-210907-180535 Web Endpoint ConfigWirelessBase_5g ssid تلف الذاكرة]
النقاط20

Interested in the pricing of exploits?

See the underground prices here!