Primary

Context

UTT Aggressive 520W Buffer Overflow Vulnerability in formConfigCliForEngineerOnly Function Allowing Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in the UTT Aggressive 520W router, specifically in firmware versions through v3v1.7.7-180627. The issue arises in the addCommand parameter of the formConfigCliForEngineerOnly function, where lack of proper boundary checks allows attackers to manipulate input and cause a buffer overflow. This vulnerability can be exploited to launch a denial-of-service attack.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the device to become unresponsive or unavailable.

Reproduction

To reproduce this vulnerability, send a POST request to the /goform/formConfigCliForEngineerOnly endpoint. Include a crafted addCommand parameter with a payload designed to overflow the buffer. The request must be authorized using Digest authentication with valid credentials.

Added: Apr 6, 2026, 3:31 PM

Updated: Apr 6, 2026, 3:31 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.8

remediation

0.0

relevance

5.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.8

remediation

0.0

relevance

5.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

UTT Aggressive 520W Buffer Overflow Vulnerability in formConfigCliForEngineerOnly Function Allowing Denial-of-Service

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating