Vulnerability Description
A vulnerability was determined in UTT 进取 512W up to 3.1.7.7-171114. This impacts the function strcpy of the file /goform/formNatStaticMap of the component Endpoint. Executing manipulation of the argument NatBind can lead to buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Utt | 512W Firmware | <= 1.7.7-171114 |
| Utt | 512W | 3.0 |
Related Weaknesses (CWE)
References
- https://github.com/maximdevere/CVE2/issues/6ExploitIssue TrackingThird Party Advisory
- https://vuldb.com/?ctiid.335873Permissions RequiredVDB Entry
- https://vuldb.com/?id.335873Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.703620Third Party AdvisoryVDB Entry
FAQ
What is CVE-2025-14534?
CVE-2025-14534 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A vulnerability was determined in UTT 进取 512W up to 3.1.7.7-171114. This impacts the function strcpy of the file /goform/formNatStaticMap of the component Endpoint. Executing manipulation of the argum...
How severe is CVE-2025-14534?
CVE-2025-14534 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-14534?
Check the references section above for vendor advisories and patch information. Affected products include: Utt 512W Firmware, Utt 512W.