CVE-2025-15429 | UTT 进取 512W 1.7.7-171114 formConfigCliForEngineerOnly strcpy addCommand buffer overflow

Inserito da Angelo Barbosa | Gen 1, 2026 | CVE

A vulnerability was found in UTT 进取 512W 1.7.7-171114 and classified as critical. Affected by this vulnerability is the function strcpy of the file /goform/formConfigCliForEngineerOnly. Such manipulation of the argument addCommand leads to buffer overflow.

This vulnerability is referenced as CVE-2025-15429. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-15429 | UTT 进取 512W 1.7.7-171114 formConfigCliForEngineerOnly strcpy addCommand buffer overflow

Post correlati

CVE-2024-3459 | KioWare up to 8.34 on Windows PDF File improper protection of alternate path

CVE-2025-60800 | jshERP GET Request /jshERP-boot/user/info access control

CVE-2025-5230 | PHPGurukul Online Nurse Hiring System 1.0 bwdates-report-details.php fromdate/todate sql injection

CVE-2024-20130 | MediaTek MT8796 Power stack-based overflow (MSV-1982 / ALPS09193374)