CVE-2025-14140 | UTT 进取 520W 1.7.7-180627 /goform/websHostFilter strcpy addHostFilter buffer overflow

Inserito da Angelo Barbosa | Dic 5, 2025 | CVE

A vulnerability marked as critical has been reported in UTT 进取 520W 1.7.7-180627. The affected element is the function strcpy of the file /goform/websHostFilter. Performing manipulation of the argument addHostFilter results in buffer overflow.

This vulnerability is reported as CVE-2025-14140. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-14140 | UTT 进取 520W 1.7.7-180627 /goform/websHostFilter strcpy addHostFilter buffer overflow

Post correlati

CVE-2024-36511 | Fortinet FortiADC up to 7.4.4 Web Application Firewall security check (FG-IR-22-256)

CVE-2024-21937 | AMD Software PRO Edition HIP SDK Installation default permission

CVE-2025-10370 | MiczFlor RPi-Jukebox-RFID up to 2.8.0 /htdocs/userScripts.php Custom script cross site scripting

CVE-2024-33854 | Centreon Web up to 22.10.22/23.04.18/23.10.12/24.04.2 Graph Template sql injection