CVE-2026-2070 | UTT 进取 520W 1.7.7-180627 formPolicyRouteConf strcpy GroupName buffer overflow

Inserito da Angelo Barbosa | Feb 6, 2026 | CVE

A vulnerability described as critical has been identified in UTT 进取 520W 1.7.7-180627. The affected element is the function strcpy of the file /goform/formPolicyRouteConf. Such manipulation of the argument GroupName leads to buffer overflow.

This vulnerability is documented as CVE-2026-2070. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-2070 | UTT 进取 520W 1.7.7-180627 formPolicyRouteConf strcpy GroupName buffer overflow

Post correlati

CVE-2024-7853 | SourceCodester Yoga Class Registration System up to 1.0 id sql injection

CVE-2024-43399 | MobSF Mobile-Security-Framework-MobSF up to 4.0.6 a Extension File path traversal

CVE-2024-30140 | HCL BigFix Compliance 2.0.11 Web Page Cache redirect (KB0117197)

CVE-2024-11607 | GTPayment Donations Plugin up to 1.0.0 on WordPress cross-site request forgery