17 matches found
CVE-2025-13442
A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argument policyNames leads to command injection. The attack may be launched remotely. The exploit has...
EUVD-2025-198255
A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argument policyNames leads to command injection. The attack may be launched remotely. The exploit has...
CVE-2025-13442
A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argument policyNames leads to command injection. The attack may be launched remotely. The exploit has...
CVE-2025-13442 UTT 进取 750W formPdbUpConfig system command injection
A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argument policyNames leads to command injection. The attack may be launched remotely. The exploit has...
EUVD-2025-18354
Malicious code in bioql PyPI...
EUVD-2025-20197
Malicious code in bioql PyPI...
CVE-2025-10172
A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing of the file /goform/formPictureUrl. Executing manipulation of the argument importpictureurl can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be...
CVE-2025-10172 UTT 750W formPictureUrl buffer overflow
A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing of the file /goform/formPictureUrl. Executing manipulation of the argument importpictureurl can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be...
CVE-2025-10172
CVE-2025-10172 affects UTT 750W firmware up to 3.2.2-191225. The vulnerability is a buffer overflow in the handling of the importpictureurl argument within the /goform/formPictureUrl endpoint. Exploitation can be performed remotely, with publicized exploits and a POI (proof-of-concept) status in ...
UTT 750W 安全漏洞
The UTT 750W is an enterprise-grade dual-band wireless router from the AiTai UTT brand that supports 2.4GHz and 5GHz bands with wireless transmission rates up to 750Mbps. The UTT 750W suffers from a buffer overflow vulnerability, which originates from the handling of the importpictureurl paramete...
CVE-2025-7116
A vulnerability classified as critical has been found in UTT 进取 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fastwirelessconf. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclose...
CVE-2025-7116
A vulnerability classified as critical has been found in UTT 进取 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fastwirelessconf. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclose...
CVE-2025-7116
CVE-2025-7116 affects the UTT Progress 750W router (up to version 3.2.2-191225). The vulnerability resides in handling of the ssid parameter in the file /goform/Fast_wireless_conf, where improper input processing leads to a buffer overflow. Exploitation can be performed remotely, and the public e...
CVE-2025-6098
A vulnerability was found in UTT 进取 750W up to 5.0. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the component API. The manipulation of the argument passwd1 leads to buffer overflow. It is possible to initiate the attack remotely. The explo...
CVE-2025-6097
A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. T...
CVE-2025-6098
CVE-2025-6098 : A buffer overflow exists in the UTT Progress 750W API endpoint /goform/setSysAdm, triggered by the passwd1 argument in the strcpy usage. Affects versions up to 5.0; vulnerability can be exploited remotely, with exploitation described as a proof-of-concept in sources. Impact includ...
CVE-2025-6097
A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. T...