17 matches found
CVE-2025-13442
A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argument policyNames leads to command injection. The attack may be launched remotely. The exploit has...
EUVD-2025-198255
A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argument policyNames leads to command injection. The attack may be launched remotely. The exploit has...
CVE-2025-13442
A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argument policyNames leads to command injection. The attack may be launched remotely. The exploit has...
CVE-2025-13442 UTT 进取 750W formPdbUpConfig system command injection
A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argument policyNames leads to command injection. The attack may be launched remotely. The exploit has...
EUVD-2025-18354
Malicious code in bioql PyPI...
EUVD-2025-20197
Malicious code in bioql PyPI...
CVE-2025-10172
A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing of the file /goform/formPictureUrl. Executing manipulation of the argument importpictureurl can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be...
CVE-2025-10172
CVE-2025-10172 affects UTT 750W firmware up to 3.2.2-191225. The vulnerability is a buffer overflow in the handling of the importpictureurl argument within the /goform/formPictureUrl endpoint. Exploitation can be performed remotely, with publicized exploits and a POI (proof-of-concept) status in ...
CVE-2025-10172 UTT 750W formPictureUrl buffer overflow
A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing of the file /goform/formPictureUrl. Executing manipulation of the argument importpictureurl can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be...
UTT 750W 安全漏洞
The UTT 750W is an enterprise-grade dual-band wireless router from the AiTai UTT brand that supports 2.4GHz and 5GHz bands with wireless transmission rates up to 750Mbps. The UTT 750W suffers from a buffer overflow vulnerability, which originates from the handling of the importpictureurl paramete...
CVE-2025-7116
A vulnerability classified as critical has been found in UTT 进取 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fastwirelessconf. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclose...
CVE-2025-7116
A vulnerability classified as critical has been found in UTT 进取 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fastwirelessconf. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclose...
CVE-2025-7116
CVE-2025-7116 affects the UTT Progress 750W router (up to version 3.2.2-191225). The vulnerability resides in handling of the ssid parameter in the file /goform/Fast_wireless_conf, where improper input processing leads to a buffer overflow. Exploitation can be performed remotely, and the public e...
CVE-2025-6098
A vulnerability was found in UTT 进取 750W up to 5.0. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the component API. The manipulation of the argument passwd1 leads to buffer overflow. It is possible to initiate the attack remotely. The explo...
CVE-2025-6097
A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. T...
CVE-2025-6098
CVE-2025-6098 : A buffer overflow exists in the UTT Progress 750W API endpoint /goform/setSysAdm, triggered by the passwd1 argument in the strcpy usage. Affects versions up to 5.0; vulnerability can be exploited remotely, with exploitation described as a proof-of-concept in sources. Impact includ...
CVE-2025-6097
A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. T...