VDB-328069 · CVE-2025-11652 · EUVD-2025-33918

UTT 进取 518G /goform/formTaskEdit_ap txtMin2 ବଫର୍ ଓଭରଫ୍ଲୋ

Rakkoon nageenyaa kan ଜଟିଳ jedhamuun beekamu UTT 进取 518G ଯେପର୍ଯ୍ୟନ୍ତ V3v3.2.7-210919-161313 keessatti argameera. Miidhaan irra gahe is hojii hin beekamne faayilii /goform/formTaskEdit_ap keessa. Dhugumatti jijjiirraa irratti raawwatame txtMin2 gara ବଫର୍ ଓଭରଫ୍ଲୋ geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-120 si geessa. Beekumsi kun yeroo 10/12/2025 ifoomsifameera. Odeeffannoon kun buufachuuf github.com irratti dhiyaateera. Dogoggorri kun maqaa CVE-2025-11652 jedhuun tajaajilama. Weerara fageenya irraa jalqabuun ni danda'ama. Odeeffannoon teeknikaa ni argama. Akka dabalataan, meeshaa balaa kana fayyadamuuf argama. Qorannoo miidhaa (exploit) beeksifamee jira, namoonni itti fayyadamuu danda'u. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee murtaa’eera. Exploit kana github.com irraa buufachuu ni dandeessa. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

4 ଆଡାପ୍ଟେସନ୍ · 94 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 10/12/2025 08:27 AM	ଅଦ୍ୟତନ 1/3 10/13/2025 03:41 AM	ଅଦ୍ୟତନ 2/3 10/13/2025 04:11 AM	ଅଦ୍ୟତନ 3/3 10/14/2025 04:53 PM
software_vendor	UTT	UTT	UTT	UTT
software_name	进取 518G	进取 518G	进取 518G	进取 518G
software_version	<=V3v3.2.7-210919-161313	<=V3v3.2.7-210919-161313	<=V3v3.2.7-210919-161313	<=V3v3.2.7-210919-161313
software_file	/goform/formTaskEdit_ap	/goform/formTaskEdit_ap	/goform/formTaskEdit_ap	/goform/formTaskEdit_ap
software_argument	txtMin2	txtMin2	txtMin2	txtMin2
vulnerability_cwe	CWE-120 (ବଫର୍ ଓଭରଫ୍ଲୋ)	CWE-120 (ବଫର୍ ଓଭରଫ୍ଲୋ)	CWE-120 (ବଫର୍ ଓଭରଫ୍ଲୋ)	CWE-120 (ବଫର୍ ଓଭରଫ୍ଲୋ)
vulnerability_risk	2	2	2	2
cvss3_vuldb_av	N	N	N	N
cvss3_vuldb_ac	L	L	L	L
cvss3_vuldb_ui	N	N	N	N
cvss3_vuldb_s	U	U	U	U
cvss3_vuldb_c	H	H	H	H
cvss3_vuldb_i	H	H	H	H
cvss3_vuldb_a	H	H	H	H
cvss3_vuldb_e	P	P	P	P
cvss3_vuldb_rc	R	R	R	R
advisory_url	https://github.com/cymiao1978/cve/blob/main/14.md	https://github.com/cymiao1978/cve/blob/main/14.md	https://github.com/cymiao1978/cve/blob/main/14.md	https://github.com/cymiao1978/cve/blob/main/14.md
exploit_availability	1	1	1	1
exploit_publicity	1	1	1	1
exploit_url	https://github.com/cymiao1978/cve/blob/main/14.md#poc	https://github.com/cymiao1978/cve/blob/main/14.md#poc	https://github.com/cymiao1978/cve/blob/main/14.md#poc	https://github.com/cymiao1978/cve/blob/main/14.md#poc
source_cve	CVE-2025-11652	CVE-2025-11652	CVE-2025-11652	CVE-2025-11652
cna_responsible	VulDB	VulDB	VulDB	VulDB
response_summary	The vendor was contacted early about this disclosure but did not respond in any way.	The vendor was contacted early about this disclosure but did not respond in any way.	The vendor was contacted early about this disclosure but did not respond in any way.	The vendor was contacted early about this disclosure but did not respond in any way.
cvss2_vuldb_av	N	N	N	N
cvss2_vuldb_ac	L	L	L	L
cvss2_vuldb_ci	C	C	C	C
cvss2_vuldb_ii	C	C	C	C
cvss2_vuldb_ai	C	C	C	C
cvss2_vuldb_e	POC	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR	UR
cvss4_vuldb_av	N	N	N	N
cvss4_vuldb_ac	L	L	L	L
cvss4_vuldb_ui	N	N	N	N
cvss4_vuldb_vc	H	H	H	H
cvss4_vuldb_vi	H	H	H	H
cvss4_vuldb_va	H	H	H	H
cvss4_vuldb_e	P	P	P	P
cvss2_vuldb_au	S	S	S	S
cvss2_vuldb_rl	ND	ND	ND	ND
cvss3_vuldb_pr	L	L	L	L
cvss3_vuldb_rl	X	X	X	X
cvss4_vuldb_at	N	N	N	N
cvss4_vuldb_pr	L	L	L	L
cvss4_vuldb_sc	N	N	N	N
cvss4_vuldb_si	N	N	N	N
cvss4_vuldb_sa	N	N	N	N
cvss2_vuldb_basescore	9.0	9.0	9.0	9.0
cvss2_vuldb_tempscore	7.7	7.7	7.7	7.7
cvss3_vuldb_basescore	8.8	8.8	8.8	8.8
cvss3_vuldb_tempscore	8.0	8.0	8.0	8.0
cvss3_meta_basescore	8.8	8.8	8.8	8.8
cvss3_meta_tempscore	8.0	8.4	8.4	8.4
cvss4_vuldb_bscore	8.7	8.7	8.7	8.7
cvss4_vuldb_btscore	7.4	7.4	7.4	7.4
advisory_date	1760220000 (10/12/2025)	1760220000 (10/12/2025)	1760220000 (10/12/2025)	1760220000 (10/12/2025)
price_0day	$0-$5k	$0-$5k	$0-$5k	$0-$5k
cve_nvd_summary		A vulnerability was found in UTT 进取 518G up to V3v3.2.7-210919-161313. This issue affects some unknown processing of the file /goform/formTaskEdit_ap. The manipulation of the argument txtMin2 results in buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.	A vulnerability was found in UTT 进取 518G up to V3v3.2.7-210919-161313. This issue affects some unknown processing of the file /goform/formTaskEdit_ap. The manipulation of the argument txtMin2 results in buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.	A vulnerability was found in UTT 进取 518G up to V3v3.2.7-210919-161313. This issue affects some unknown processing of the file /goform/formTaskEdit_ap. The manipulation of the argument txtMin2 results in buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
cvss4_cna_av		N	N	N
cvss4_cna_ac		L	L	L
cvss4_cna_at		N	N	N
cvss4_cna_pr		L	L	L
cvss4_cna_ui		N	N	N
cvss4_cna_vc		H	H	H
cvss4_cna_vi		H	H	H
cvss4_cna_va		H	H	H
cvss4_cna_sc		N	N	N
cvss4_cna_si		N	N	N
cvss4_cna_sa		N	N	N
cvss4_cna_bscore		8.7	8.7	8.7
cvss3_cna_av		N	N	N
cvss3_cna_ac		L	L	L
cvss3_cna_pr		L	L	L
cvss3_cna_ui		N	N	N
cvss3_cna_s		U	U	U
cvss3_cna_c		H	H	H
cvss3_cna_i		H	H	H
cvss3_cna_a		H	H	H
cvss3_cna_basescore		8.8	8.8	8.8
cvss2_cna_av		N	N	N
cvss2_cna_ac		L	L	L
cvss2_cna_au		S	S	S
cvss2_cna_ci		C	C	C
cvss2_cna_ii		C	C	C
cvss2_cna_ai		C	C	C
cvss2_cna_basescore		9	9	9
euvd_id			EUVD-2025-33918	EUVD-2025-33918
cnnvd_id				CNNVD-202510-1713
cnnvd_name				UTT 518G 安全漏洞
cnnvd_hazardlevel				2
cnnvd_create				2025-10-14
cnnvd_publish				2025-10-13
cnnvd_update				2025-10-14

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Interested in the pricing of exploits?

See the underground prices here!