A security flaw has been discovered in UTT 进取 520W 1.7.7-180627. This impacts the function strcpy of the file /goform/ConfigWirelessBase. Performing a manipulation of the argument ssid results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
References
| Link | Resource |
|---|---|
| https://github.com/Lena-lyy/cve/blob/main/1223/28.md | Exploit Third Party Advisory |
| https://vuldb.com/?ctiid.340438 | Permissions Required VDB Entry |
| https://vuldb.com/?id.340438 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.729020 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
| AND |
|
History
13 Jan 2026, 22:02
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:utt:520w:3.0:*:*:*:*:*:*:* cpe:2.3:o:utt:520w_firmware:*:*:*:*:*:*:*:* |
|
| First Time |
Utt
Utt 520w Firmware Utt 520w |
|
| References | () https://github.com/Lena-lyy/cve/blob/main/1223/28.md - Exploit, Third Party Advisory | |
| References | () https://vuldb.com/?ctiid.340438 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.340438 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.729020 - Third Party Advisory, VDB Entry |
11 Jan 2026, 06:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-01-11 06:15
Updated : 2026-01-13 22:02
NVD link : CVE-2026-0838
Mitre link : CVE-2026-0838
CVE.ORG link : CVE-2026-0838
JSON object : View
Products Affected
utt
- 520w_firmware
- 520w