← Back
2025-12-25 22:32CVE-2025-15089VulDB
PUBLISHED5.2CWE-120CWE-119

UTT 进取 512W APSecurity strcpy buffer overflow

A vulnerability has been found in UTT 进取 512W up to 1.7.7-171114. This affects the function strcpy of the file /goform/APSecurity. The manipulation of the argument wepkey1 leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

Problem type

Affected products

UTT

进取 512W

1.7.7-171114 - AFFECTED

References

VDB-338418 | UTT 进取 512W APSecurity strcpy buffer overflow

https://vuldb.com/?id.338418

vdb-entrytechnical-description
VDB-338418 | CTI Indicators (IOB, IOC, IOA)

https://vuldb.com/?ctiid.338418

signaturepermissions-required
Submit #708348 | UTT 进取 512W v3v1.7.7-171114 Buffer Overflow

https://vuldb.com/?submit.708348

third-party-advisory
github.com

https://github.com/cymiao1978/cve/blob/main/new/14.md

related
github.com

https://github.com/cymiao1978/cve/blob/main/new/14.md#poc

exploit

GitHub Security Advisories

GHSA-29wh-g4c8-c35q

A vulnerability has been found in UTT 进取 512W up to 1.7.7-171114. This affects the function...

https://github.com/advisories/GHSA-29wh-g4c8-c35q

A vulnerability has been found in UTT 进取 512W up to 1.7.7-171114. This affects the function strcpy of the file /goform/APSecurity. The manipulation of the argument wepkey1 leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

nvd.nist.gov

https://nvd.nist.gov/vuln/detail/CVE-2025-15089

github.com

https://github.com/cymiao1978/cve/blob/main/new/14.md

github.com

https://github.com/cymiao1978/cve/blob/main/new/14.md#poc

vuldb.com

https://vuldb.com/?ctiid.338418

vuldb.com

https://vuldb.com/?id.338418

vuldb.com

https://vuldb.com/?submit.708348

github.com

https://github.com/advisories/GHSA-29wh-g4c8-c35q

JSON source

https://cveawg.mitre.org/api/cve/CVE-2025-15089
Click to expand
{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2025-15089",
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "dateUpdated": "2025-12-25T22:32:07.032Z",
    "dateReserved": "2025-12-25T12:42:24.452Z",
    "datePublished": "2025-12-25T22:32:07.032Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB",
        "dateUpdated": "2025-12-25T22:32:07.032Z"
      },
      "title": "UTT 进取 512W APSecurity strcpy buffer overflow",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in UTT 进取 512W up to 1.7.7-171114. This affects the function strcpy of the file /goform/APSecurity. The manipulation of the argument wepkey1 leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used."
        }
      ],
      "affected": [
        {
          "vendor": "UTT",
          "product": "进取 512W",
          "versions": [
            {
              "version": "1.7.7-171114",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Buffer Overflow",
              "cweId": "CWE-120",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Memory Corruption",
              "cweId": "CWE-119",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://vuldb.com/?id.338418",
          "name": "VDB-338418 | UTT 进取 512W APSecurity strcpy buffer overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ]
        },
        {
          "url": "https://vuldb.com/?ctiid.338418",
          "name": "VDB-338418 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ]
        },
        {
          "url": "https://vuldb.com/?submit.708348",
          "name": "Submit #708348 | UTT 进取 512W v3v1.7.7-171114 Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ]
        },
        {
          "url": "https://github.com/cymiao1978/cve/blob/main/new/14.md",
          "tags": [
            "related"
          ]
        },
        {
          "url": "https://github.com/cymiao1978/cve/blob/main/new/14.md#poc",
          "tags": [
            "exploit"
          ]
        }
      ],
      "metrics": [
        {},
        {
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
            "baseScore": 8.8,
            "baseSeverity": "HIGH"
          }
        },
        {
          "cvssV3_0": {
            "version": "3.0",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
            "baseScore": 8.8,
            "baseSeverity": "HIGH"
          }
        },
        {
          "cvssV2_0": {
            "version": "2.0",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
            "baseScore": 9
          }
        }
      ],
      "timeline": [
        {
          "time": "2025-12-25T00:00:00.000Z",
          "lang": "en",
          "value": "Advisory disclosed"
        },
        {
          "time": "2025-12-25T01:00:00.000Z",
          "lang": "en",
          "value": "VulDB entry created"
        },
        {
          "time": "2025-12-25T13:47:39.000Z",
          "lang": "en",
          "value": "VulDB entry last update"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "cymiao (VulDB User)",
          "type": "reporter"
        }
      ]
    }
  }
}