A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This affects an unknown part of the file /goform/formWebAuthGlobalConfig. Performing manipulation of the argument hidcontact results in memory corruption. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
References
| Link | Resource |
|---|---|
| https://github.com/alc9700jmo/CVE/issues/21 | Exploit Mitigation Third Party Advisory |
| https://vuldb.com/?ctiid.336196 | Permissions Required VDB Entry |
| https://vuldb.com/?id.336196 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.704107 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
| AND |
|
History
12 Jan 2026, 20:22
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Utt 512w Firmware
Utt Utt 512w |
|
| CPE | cpe:2.3:o:utt:512w_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:utt:512w:3.0:*:*:*:*:*:*:* |
|
| References | () https://github.com/alc9700jmo/CVE/issues/21 - Exploit, Mitigation, Third Party Advisory | |
| References | () https://vuldb.com/?ctiid.336196 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.336196 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.704107 - Third Party Advisory, VDB Entry |
12 Dec 2025, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-12-12 20:15
Updated : 2026-01-12 20:22
NVD link : CVE-2025-14572
Mitre link : CVE-2025-14572
CVE.ORG link : CVE-2025-14572
JSON object : View
Products Affected
utt
- 512w_firmware
- 512w
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer