A vulnerability has been found in UTT 进取 518G up to V3v3.2.7-210919-161313. This vulnerability affects the function sub_4247AC of the file /goform/formRemoteControl. The manipulation of the argument Profile leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
References
| Link | Resource |
|---|---|
| https://github.com/cymiao1978/cve/blob/main/13.md | Exploit Third Party Advisory |
| https://github.com/cymiao1978/cve/blob/main/13.md#poc | Exploit Third Party Advisory |
| https://vuldb.com/?ctiid.328068 | Permissions Required VDB Entry |
| https://vuldb.com/?id.328068 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.664925 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
| AND |
|
History
08 Jan 2026, 18:00
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:utt:518g:3.0:*:*:*:*:*:*:* cpe:2.3:o:utt:518g_firmware:*:*:*:*:*:*:*:* |
|
| First Time |
Utt 518g
Utt Utt 518g Firmware |
|
| References | () https://github.com/cymiao1978/cve/blob/main/13.md - Exploit, Third Party Advisory | |
| References | () https://github.com/cymiao1978/cve/blob/main/13.md#poc - Exploit, Third Party Advisory | |
| References | () https://vuldb.com/?ctiid.328068 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.328068 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.664925 - Third Party Advisory, VDB Entry |
13 Oct 2025, 00:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-10-13 00:15
Updated : 2026-01-08 18:00
NVD link : CVE-2025-11651
Mitre link : CVE-2025-11651
CVE.ORG link : CVE-2025-11651
JSON object : View
Products Affected
utt
- 518g_firmware
- 518g