Zxq0408

Name of the Vulnerable Software and Affected Versions UTT Aggressive HiPER 1200GW version 2.5.3-170306 Description A buffer overflow exists in the `timeRangeName` parameter of the `formConfigDnsFilterGlobal` function in UTT 1200GW network devices. This allows for a Denial of Service (DoS) through a crafted input. Recommendations Update to a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions UTT Aggressive HiPER 520W version v3v1.7.7-180627 Description A remote command execution (RCE) issue exists in the `/goform/formDia` component of UTT Aggressive HiPER 520W. An attacker can execute arbitrary commands by providing a crafted string. The issue involves API endpoints and potentially relates to recent vulnerabilities in agent frameworks. Recommendations Update to a newer version of UTT Aggressive HiPER 520W that addresses this issue. As a temporary workaround, restrict access to the `/goform/formDia` endpoint.

A remote command execution (RCE) vulnerability in the /goform/formReleaseConnect component of UTT Aggressive 520W v3v1.7.7-180627 allows attackers to execute arbitrary commands via a crafted string.

Name of the Vulnerable Software and Affected Versions UTT Aggressive HiPER 810G versions v3v1.7.7-171114 Description A buffer overflow exists in the `ConfigAdvideo` function, specifically within the `timestart` parameter. This allows for a Denial of Service (DoS) through a crafted input. The issue involves copying a buffer without validating the size of the input data. Recommendations Update to a newer version that addresses the buffer overflow in the `ConfigAdvideo` function.

Name of the Vulnerable Software and Affected Versions UTT Aggressive 520W versions 3v1.7.7-180627 Description A buffer overflow exists in the `filename` parameter of the `formFtpServerDirConfig()` function in UTT Aggressive 520W v3v1.7.7-180627. This allows for a Denial of Service (DoS) through crafted input. Recommendations Update to a newer version that addresses this issue. As a temporary workaround, consider restricting the length of the `filename` parameter passed to the `formFtpServerDirConfig()` function.

Name of the Vulnerable Software and Affected Versions UTT Aggressive HiPER 1200GW version 2.5.3-170306 Description A buffer overflow exists in the `pools` parameter of the `formArpBindConfig` function in UTT Aggressive HiPER 1200GW version 2.5.3-170306. This flaw allows attackers to trigger a Denial of Service (DoS) condition by providing a specially crafted input. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions UTT 520W versions prior to v3v1.7.7-180627 Description A buffer overflow exists in the `formConfigCliForEngineerOnly()` function of UTT 520W router firmware. Successful exploitation could allow a remote attacker to cause a denial of service. The vulnerability is located in the `addCommand` parameter of the `formConfigCliForEngineerOnly()` function. Recommendations Update to version v3v1.7.7-180627 or later.

Name of the Vulnerable Software and Affected Versions UTT Aggressive HiPER 810G versions v3v1.7.7-171114 Description A buffer overflow exists in the `selDateType` parameter of the `formTaskEdit` function in UTT Aggressive HiPER 810G. This allows for a Denial of Service (DoS) through crafted input. Recommendations Update to a newer version of UTT Aggressive HiPER 810G.

Name of the Vulnerable Software and Affected Versions UTT Aggressive HiPER 810G version v3v1.7.7-171114 Description A buffer overflow exists in the `formGroupConfig()` function of UTT HiPER 810G microprogram for routers. The issue is due to a lack of input size validation during buffer copying. Successful exploitation could allow a remote attacker to cause a denial of service (DoS). Recommendations Update to a newer version that addresses the buffer overflow in the `formGroupConfig()` function.