PT-2026-1220 · Unknown · Utt 进取 520W

Cymiao

Publicado

2025-12-29

Atualizado

2026-01-10

CVE-2025-15461

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions UTT 进取 520W version 1.7.7-180627

Description A flaw exists in UTT 进取 520W version 1.7.7-180627. The issue is a buffer overflow within the strcpy function located in the /goform/formTaskEdit file. Manipulation of the selDateType argument can trigger this overflow, and the attack can be executed remotely. An exploit for this issue has been published. The vendor was contacted regarding this disclosure but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-120

Identificadores relacionados

BDU:2026-00615

CVE-2025-15461

Produtos afetados

Utt 进取 520W

PT-2026-1220 · Unknown · Utt 进取 520W

CVE-2025-15461

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 15