HIGHCVE-2026-0837Published 2026-01-11Modified 2026-02-23CNA VulDB

CVE-2026-0837: UTT 进取 520W formFireWall strcpy buffer overflow

A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS v4.0: 8.7
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

UTT / 进取 520W
1.7.7-180627

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

References

VDB-340437 | UTT 进取 520W formFireWall strcpy buffer overflow
VDB-340437 | CTI Indicators (IOB, IOC, IOA)
Submit #729019 | UTT 进取 520W v3v1.7.7-180627 Buffer Overflow
github.com

Metrics