CVE-2025-14141 | UTT 进取 520W 1.7.7-180627 formArpBindConfig strcpy pools buffer overflow

Inserito da Angelo Barbosa | Dic 5, 2025 | CVE

A vulnerability described as critical has been identified in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formArpBindConfig. Executing manipulation of the argument pools can lead to buffer overflow.

This vulnerability appears as CVE-2025-14141. The attack may be performed from remote. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-14141 | UTT 进取 520W 1.7.7-180627 formArpBindConfig strcpy pools buffer overflow

Post correlati

CVE-2024-54357 | ThemeFusion Avada Plugin up to 7.11.10 on WordPress cross-site request forgery

CVE-2024-38355 | socket.io up to 2.5.0/4.6.1 denial of service (GHSA-25hc-qcg6-38wj)

CVE-2024-10283 | Tenda RX9/RX9 Pro 22.03.02.20 SetNetControlList sub_4337EC list stack-based overflow

CVE-2024-43345 | PluginOps Landing Page Builder Plugin up to 1.5.2.0 on WordPress path traversal