| शीर्षक | UTT HiPER 1200GW v2.5.3-170306 Buffer Overflow |
|---|
| विवरण | Vulnerability Details:
The vulnerability resides in the web management interface, accessible over HTTP/HTTPS on the LAN/WAN side (depending on configuration). The CGI program responsible for handling requests to /goform/setSysAdm contains an unsafe call to strcpy() that fails to validate the length of user-supplied input before copying it into a fixed-size stack buffer.
The vulnerable code path:
strcpy((char *)(InstPointByName + 20), Var);
Here, Var is directly derived from a POST parameter (e.g., sysAdmUser, sysAdmPass, or similar form fields), and InstPointByName is a structure located on the stack. No bounds checking is performed prior to the strcpy operation. By supplying an overly long string, an attacker can overflow the destination buffer, overwriting critical stack data including the saved return address. |
|---|
| स्रोत | ⚠️ https://github.com/zhouguobing-maker/cve/blob/main/9.md |
|---|
| उपयोगकर्ता | zhouguobing (UID 97697) |
|---|
| सबमिशन | 03/05/2026 10:23 AM (1 महीना पहले) |
|---|
| संयम | 26/05/2026 07:25 PM (23 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 365683 [UTT HiPER 1200GW तक 2.5.3-170306 Web Management Interface /goform/setSysAdm strcpy sysAdmUser/sysAdmPass बफ़र ओवरफ़्लो] |
|---|
| अंक | 20 |
|---|