CVE-2025-15091 | UTT 进取 512W up to 1.7.7-171114 /goform/formPictureUrl strcpy importpictureurl buffer overflow

Inserito da Angelo Barbosa | Dic 25, 2025 | CVE

A vulnerability marked as critical has been reported in UTT 进取 512W up to 1.7.7-171114. This issue affects the function strcpy of the file /goform/formPictureUrl. This manipulation of the argument importpictureurl causes buffer overflow.

The identification of this vulnerability is CVE-2025-15091. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-15091 | UTT 进取 512W up to 1.7.7-171114 /goform/formPictureUrl strcpy importpictureurl buffer overflow

Post correlati

CVE-2024-36103 | ELECOM WRC-X5400GS-B/WRC-X5400GSA-B up to 1.0.10 Request os command injection

CVE-2024-38746 | MakeStories Plugin up to 3.0.3 on WordPress path traversal

CVE-2022-45826 | WP Sunshine Sunshine Photo Cart Plugin up to 2.9.13 on WordPress authorization

CVE-2024-21938 | AMD Management Plug-In for SCCM prior 7.0.0.1318 default permission