CVE-2026-2068 - Vulnerability Details

- UTT 进取 520W formSyslogConf strcpy buffer overflow

Description

A vulnerability was detected in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/formSyslogConf. The manipulation of the argument ServerIp results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published: 2026-02-06

Score: 8.7 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability arises from an improper use of the C function strcpy in the formSyslogConf endpoint of the UTT 进取 520W firmware, allowing an attacker to supply a ServerIp argument that exceeds the allocated buffer. This buffer overflow can overwrite adjacent memory, potentially leading to arbitrary code execution or a crash. The weakness is identified as an out‑of‑bounds write (CWE‑119) and a buffer overflow vulnerability (CWE‑120).

Affected Systems

The affected product is the UTT 进取 520W router, specifically firmware version 1.7.7‑180627. No other firmware releases are listed as impacted.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity. The EPSS score is low (< 1%), suggesting limited current exploitation probability, but the vulnerability is publicly documented and vendor response is lacking. An attacker can exploit the flaw remotely by sending a crafted request to the /goform/formSyslogConf interface, potentially gaining arbitrary code execution on the device. The vulnerability is not yet listed in CISA’s KEV catalog, but the public exploit could be of interest to adversaries targeting network infrastructure.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

UTT

进取 520W

affected

Version	Status	Constraints
`1.7.7-180627`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:utt:520w_firmware:1.7.7-180627:*:*:*:*:*:*:*

cpe:2.3:h:utt:520w:3.0:*:*:*:*:*:*:*

No data.

Vendor	Product	Confidence	Versions
Utt	520w	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Check for and apply any vendor‑supplied firmware update that addresses the buffer overflow; if none is available, request a patch from the vendor.
If an update is not immediately obtainable, isolate the device by restricting network access to the management interface, preferably by placing it behind a firewall or in a demilitarized zone.
Implement strict input validation on the ServerIp field or disable the formSyslogConf endpoint if the device offers such configuration options.
Monitor device logs for signs of exploitation attempts, and consider deploying network intrusion detection systems to flag anomalous traffic to the router’s management port.

Generated by OpenCVE AI on April 17, 2026 at 22:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00106.

Exploitation poc

Automatable no

Technical Impact total

References

Link	Providers
https://github.com/cymiao1978/cve/blob/main/new/38.md
https://github.com/cymiao1978/cve/blob/main/new/38.md#poc
https://vuldb.com/?ctiid.344635
https://vuldb.com/?id.344635
https://vuldb.com/?submit.745262

History

Fri, 13 Feb 2026 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Utt 520w Firmware
CPEs		cpe:2.3:h:utt:520w:3.0:::::::* cpe:2.3:o:utt:520w_firmware:1.7.7-180627:::::::*
Vendors & Products		Utt 520w Firmware

Tue, 10 Feb 2026 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 09 Feb 2026 11:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Utt Utt 520w
Vendors & Products		Utt Utt 520w

Fri, 06 Feb 2026 22:00:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was detected in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/formSyslogConf. The manipulation of the argument ServerIp results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title		UTT 进取 520W formSyslogConf strcpy buffer overflow
Weaknesses		CWE-119 CWE-120
References		https://github.com/cymiao1978/cve/blob/main/new/38.md https://github.com/cymiao1978/cve/blob/main/new/38.md#poc https://vuldb.com/?ctiid.344635 https://vuldb.com/?id.344635 https://vuldb.com/?submit.745262
Metrics		cvssV2_0 `{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Utt 520w 520w Firmware

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-02-06T21:32:06.640Z

Updated: 2026-02-23T09:28:19.608Z

Reserved: 2026-02-06T06:59:36.557Z

Link: CVE-2026-2068

Vulnrichment

Updated: 2026-02-10T15:13:39.772Z

NVD

Status : Analyzed

Published: 2026-02-06T22:16:12.710

Modified: 2026-02-13T18:56:31.923

Link: CVE-2026-2068

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T22:30:29Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation poc

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object