Cymiao

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A buffer overflow issue exists in the `strcpy` function within the `/goform/formP2PLimitConfig` file. Manipulating the `except` argument can trigger this issue. This allows for remote exploitation, and an exploit has been publicly released. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A flaw exists in UTT 进取 520W. A buffer overflow can occur in the `strcpy` function within the file `/goform/formIpGroupConfig` when the `groupName` argument is manipulated. This issue is remotely exploitable. The exploit has been publicly released. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A buffer overflow issue exists in the `strcpy` function within the `/goform/formPolicyRouteConf` file. Manipulation of the `GroupName` argument can trigger this issue. The attack can be carried out remotely. The exploit has been publicly disclosed. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A buffer overflow issue exists in the `strcpy` function within the `/goform/formSyslogConf` file. Manipulation of the `ServerIp` argument can trigger this issue, potentially allowing for remote attacks. The exploit for this issue is publicly available. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A security issue exists in UTT 进取 520W version 1.7.7-180627. The `strcpy` function within the file `/goform/formTimeGroupConfig` is susceptible to a buffer overflow when the `year1` argument is manipulated. This issue can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A buffer overflow issue exists in the `strcpy` function located in the file `/goform/ConfigExceptMSN`. This allows for remote attacks, and the exploit has been publicly disclosed. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A buffer overflow issue exists in the `strcpy` function within the file `/goform/ConfigExceptQQ` of UTT 进取 520W version 1.7.7-180627. A manipulation of the function can lead to a buffer overflow, potentially allowing for remote attacks. The vendor was contacted regarding this issue but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A buffer overflow issue exists in the `strcpy` function located in the `/goform/formWebAuthGlobalConfig` file. Manipulation of this function can lead to a buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available. The vendor was contacted regarding this issue but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A buffer overflow issue exists in the `strcpy` function within the `/goform/ConfigExceptAli` file of UTT 进取 520W version 1.7.7-180627. This allows for remote exploitation of the system. The vendor was notified of this issue but did not provide a response. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A security issue has been identified in the software. The `strcpy` function within the `/goform/formUser` file is susceptible to a buffer overflow when handling the `passwd1` argument. This manipulation can be exploited remotely. The exploit for this issue has been made public, and the vendor has not responded to notifications regarding this disclosure. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A flaw exists in UTT 进取 520W 1.7.7-180627 related to the `strcpy` function within the `/goform/ConfigAdvideo` file. Manipulation of the `timestart` argument can lead to a buffer overflow, potentially allowing for remote attacks. The exploit for this issue has been publicly disclosed. The vendor was notified but did not respond. **Recommendations** For UTT 进取 520W version 1.7.7-180627, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A flaw exists in UTT 进取 520W version 1.7.7-180627. The issue is a buffer overflow within the `strcpy` function located in the `/goform/formTaskEdit` file. Manipulation of the `selDateType` argument can trigger this overflow, and the attack can be executed remotely. An exploit for this issue has been published. The vendor was contacted regarding this disclosure but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A flaw exists in UTT 进取 520W 1.7.7-180627 that allows for a buffer overflow. The issue is located in the `strcpy` function within the file `/goform/formPptpClientConfig`. Manipulation of the `EncryptionMode` argument can trigger the overflow. Remote exploitation is possible. The exploit is publicly available. The vendor was informed of the issue but did not provide a response. **Recommendations** Versions prior to 1.7.7-180627 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do Software Vulnerável e Versões Afetadas** UTT 进取 512W versões até a 1.7.7-171114 **Descrição** Existe uma vulnerabilidade de overflow de buffer no UTT 进取 512W. O problema está relacionado à função `strcpy` dentro do arquivo `/goform/formConfigNoticeConfig`. A manipulação do argumento `timestart` pode desencadear o overflow. A vulnerabilidade pode ser explorada remotamente. O exploit foi divulgado publicamente. **Recomendações** Versões anteriores à 1.7.7-171114 são afetadas. Como medida de contorno temporária, considere restringir o acesso ao arquivo `/goform/formConfigNoticeConfig` para minimizar o risco de exploração. Evite usar o argumento `timestart` no endpoint da API `/goform/formConfigNoticeConfig` até que o problema seja resolvido. No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do Software Vulnerável e Versões Afetadas** UTT 进取 512W versões até a 1.7.7-171114 **Descrição** Existe uma falha no UTT 进取 512W que permite overflow de buffer remoto. O problema está relacionado à função `strcpy` dentro do arquivo `/goform/ConfigExceptMSN`. A manipulação do argumento `remark` pode desencadear o overflow. Um exploit público está disponível. **Recomendações** Versões anteriores à 1.7.7-171114 devem ser atualizadas. Como solução temporária, considere restringir o acesso ao arquivo `/goform/ConfigExceptMSN` para minimizar o risco de exploração.

**Nome do Software Vulnerável e Versões Afetadas** UTT 进取 512W versões até a 1.7.7-171114 **Descrição** Existe uma vulnerabilidade de estouro de buffer no UTT 进取 512W. O problema está relacionado à função `strcpy` presente no arquivo /goform/APSecurity. A manipulação do argumento `wepkey1` pode provocar o estouro. A vulnerabilidade é explorável remotamente e o exploit foi divulgado publicamente. **Recomendações** Versões anteriores à 1.7.7-171114 estão vulneráveis. Como solução alternativa temporária, considere restringir o acesso ao arquivo /goform/APSecurity para minimizar o risco de exploração. Evite utilizar o argumento `wepkey1` no endpoint /goform/APSecurity até que o problema seja resolvido. No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do Software Vulnerável e Versões Afetadas** UTT 进取 512W versões anteriores a 1.7.7-171114 **Descrição** Existe uma falha no UTT 进取 512W. A função `strcpy` no arquivo `/goform/formPictureUrl` está suscetível a um estouro de buffer ao processar o parâmetro `importpictureurl`. Isso permite a exploração remota do sistema. O exploit para este problema foi divulgado publicamente. **Recomendações** As versões anteriores a 1.7.7-171114 devem ser atualizadas. Como medida de contorno temporária, considere restringir o acesso ao arquivo `/goform/formPictureUrl`.

**Nome do Software Vulnerável e Versões Afetadas** UTT 进取 520W versão 1.7.7-180627 **Descrição** Existe uma falha na função strcpy no arquivo /goform/formArpBindConfig. A manipulação do argumento `pools` pode levar a um estouro de buffer, potencialmente permitindo ataques remotos. O exploit para esta falha foi publicado. O fabricante foi notificado, mas não respondeu. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do Software Vulnerável e Versões Afetadas** UTT 进取 520W versão 1.7.7-180627 **Descrição** Existe um problema de estouro de buffer na função `strcpy` no arquivo `/goform/websHostFilter`. A manipulação do argumento `addHostFilter` pode desencadear esse problema, permitindo exploração remota. O exploit está disponível publicamente. O fabricante foi notificado, mas não respondeu. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** UTT 进取 520W version 1.7.7-180627 **Description** A security issue exists in UTT 进取 520W version 1.7.7-180627 related to a buffer overflow. The `strcpy` function within the file `/goform/formConfigDnsFilterGlobal` is affected. Manipulation of the `timeRangeName` argument can lead to this overflow. The exploit has been publicly disclosed. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.