| Titel | UTT / 艾泰 Aggressive 512W <= v3.1.7.7-171114 Buffer Overflow / Memory Corruption |
|---|
| Beschreibung | A remote buffer overflow vulnerability exists in the UTT Aggressive 512W router's /goform/formConfigFastDirectionW endpoint. When the "wrlessMode" parameter is set to 4, the application uses an unsafe strcpy() function to copy the "ssid" parameter into a fixed-size buffer without bounds validation. An unauthenticated remote attacker can exploit this vulnerability by sending a malicious POST request with an oversized SSID value, triggering memory corruption and denial of service attacks. |
|---|
| Quelle | ⚠️ https://github.com/maximdevere/CVE2/issues/7 |
|---|
| Benutzer | MaximDeVere (UID 89915) |
|---|
| Einreichung | 30.11.2025 04:07 (vor 7 Monaten) |
|---|
| Moderieren | 11.12.2025 11:36 (11 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 335874 [UTT 进取 512W bis 3.1.7.7-171114 formConfigFastDirectionW strcpy ssid Pufferüberlauf] |
|---|
| Punkte | 20 |
|---|