Vulnerability Description
A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This affects an unknown part of the file /goform/formWebAuthGlobalConfig. Performing manipulation of the argument hidcontact results in memory corruption. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Utt | 512W Firmware | <= 1.7.7-171114 |
| Utt | 512W | 3.0 |
Related Weaknesses (CWE)
References
- https://github.com/alc9700jmo/CVE/issues/21ExploitMitigationThird Party Advisory
- https://vuldb.com/?ctiid.336196Permissions RequiredVDB Entry
- https://vuldb.com/?id.336196Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.704107Third Party AdvisoryVDB Entry
FAQ
What is CVE-2025-14572?
CVE-2025-14572 is a vulnerability with a CVSS score of 8.8 (HIGH). A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This affects an unknown part of the file /goform/formWebAuthGlobalConfig. Performing manipulation of the argument hidcontact results in mem...
How severe is CVE-2025-14572?
CVE-2025-14572 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-14572?
Check the references section above for vendor advisories and patch information. Affected products include: Utt 512W Firmware, Utt 512W.