PT-2026-7014 · Unknown · Utt 进取 521G

Cha0Yang

Publicado

2026-02-08

Atualizado

2026-02-08

CVE-2026-2182

CVSS v2.0

8.3

Alta

Vetor

AV:N/AC:L/Au:M/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions UTT 进取 521G version 3.1.1-190816

Description A flaw exists in the doSystem function within the /goform/setSysAdm file. Manipulation of the passwd1 argument can result in command injection. This issue may be exploited remotely. The exploit is publicly available.

Recommendations Apply updates to address the vulnerability in the doSystem function. As a temporary workaround, restrict access to the /goform/setSysAdm file. Avoid using the passwd1 argument in the affected function until the issue is resolved.

Exploit

Correção

DoS

Special Elements Injection

Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-74CWE-77

Identificadores relacionados

CVE-2026-2182

Produtos afetados

Utt 进取 521G

PT-2026-7014 · Unknown · Utt 进取 521G

CVE-2026-2182

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10