GCVE - cpe:2.3:o:utt:750w_firmware:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:utt:750w_firmware:*:*:*:*:*:*:*:*

part: o version: * update: *

Vendor	Utt (`2f5a4977-7574-517d-86bd-607fb0d0757c`)
Product	750W Firmware (`13011c23-5877-5d62-ab2a-fc53f077ef9f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-7116`	vulnerable	2026-06-03 15:12:30.535388	UTT 进取 750W Fast_wireless_conf buffer overflow HIGH (8.8) A vulnerability classified as critical has been found in UTT 进取 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fast_wireless_conf. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-07-07T06:32:05.568Z Updated: 2025-07-07T16:12:16.675Z Open on db.gcve.eu Reference links https://vuldb.com/?id.315027 https://vuldb.com/?ctiid.315027 https://vuldb.com/?submit.605862 https://github.com/d2pq/cve/blob/main/616/10.md https://github.com/d2pq/cve/blob/main/616/10.md#poc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-6098`	vulnerable	2026-06-03 15:12:26.696289	UTT 进取 750W API setSysAdm strcpy buffer overflow CRITICAL (9.8) A vulnerability was found in UTT 进取 750W up to 5.0. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the component API. The manipulation of the argument passwd1 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-06-16T00:31:04.662Z Updated: 2025-06-16T16:21:39.074Z Open on db.gcve.eu Reference links https://vuldb.com/?id.312567 https://vuldb.com/?ctiid.312567 https://vuldb.com/?submit.589437 https://github.com/newym/cve/blob/main/utt1.md https://github.com/newym/cve/blob/main/utt1.md#poc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-6097`	vulnerable	2026-06-03 15:12:26.694280	UTT 进取 750W Administrator Password setSysAdm formDefineManagement unverified password change MEDIUM (5.3) A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-06-16T00:00:12.840Z Updated: 2025-06-16T16:22:55.742Z Open on db.gcve.eu Reference links https://vuldb.com/?id.312566 https://vuldb.com/?ctiid.312566 https://vuldb.com/?submit.589425 https://github.com/pfwqdxwdd/cve/blob/main/6.md https://github.com/pfwqdxwdd/cve/blob/main/6.md#poc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-13442`	vulnerable	2026-06-03 14:58:46.074592	UTT 进取 750W formPdbUpConfig system command injection HIGH (7.3) A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argument policyNames leads to command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-11-20T01:32:07.186Z Updated: 2025-11-20T14:30:06.287Z Open on db.gcve.eu Reference links https://vuldb.com/?id.333015 https://vuldb.com/?ctiid.333015 https://vuldb.com/?submit.688782 https://github.com/alc9700jmo/CVE/issues/20	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-10172`	vulnerable	2026-06-03 14:58:33.667814	UTT 750W formPictureUrl buffer overflow HIGH (8.8) A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing of the file /goform/formPictureUrl. Executing manipulation of the argument importpictureurl can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-09-09T23:02:06.954Z Updated: 2025-09-10T13:07:03.557Z Open on db.gcve.eu Reference links https://vuldb.com/?id.323207 https://vuldb.com/?ctiid.323207 https://vuldb.com/?submit.639030 https://github.com/cymiao1978/cve/blob/main/1.md	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.