Description
A weakness has been identified in UTT 进取 521G 3.1.1-190816. Affected by this issue is the function doSystem of the file /goform/setSysAdm. Executing a manipulation of the argument passwd1 can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
Published: 2026-02-08
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Command Execution via Command Injection
Action: Assess Impact
AI Analysis

Impact

The vulnerability allows an attacker to inject arbitrary operating-system commands through the passwd1 parameter of the /goform/setSysAdm interface, which is handled by the doSystem function. Because this input is not sanitized, the injected commands are executed, granting the attacker full control over the device's operating system. The flaw is classified as injection (CWE-74) and, more specifically, command injection (CWE-77). Successful exploitation enables an attacker to read, modify, or delete sensitive configuration data and potentially disrupt device operation.

Affected Systems

The affected product is the UTT 进取 521G series, specifically firmware 3.1.1-190816 and earlier revisions that include the vulnerable doSystem implementation. Devices using the 2.0 hardware variant are listed in the CPE data, but the flaw is tied to the firmware version. No other vendors or product lines are indicated as impacted.

Risk and Exploitability

The CVSS 4.0 score of 8.6 places this flaw in the high-severity range. With an EPSS of less than 1%, exploitation is considered unlikely at the current time, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog, although the description notes that an exploit is publicly available. The attack vector is remote: the attacker needs network access to the /goform/setSysAdm endpoint and must supply a crafted passwd1 value. The published CVSS vectors rate the required privileges as high (PR:H), so the attacker must already hold high privileges on the device. Because the crafted value reaches a function that runs system commands, a single successful request can achieve complete system compromise.

Generated by OpenCVE AI on April 17, 2026 at 21:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest official firmware from UTT that removes the vulnerable doSystem entry or upgrade to a version where the flaw is fixed, if such a release is available.
  • Restrict network access to the /goform/setSysAdm endpoint using firewall or ACL rules, allowing only trusted IP ranges or internal management networks to reach it.
  • Implement input validation on the passwd1 parameter, rejecting or sanitizing any special characters that could be interpreted as command separators, or force the value to a known safe set.
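
The third recommendation, sketched as an allowlist check in C. This is an added example, not UTT firmware code and not part of the advisory; the function name `passwd1_is_valid`, the length limits and the permitted character set are assumptions chosen for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PASSWD_MIN 8   /* assumed policy, not from the advisory */
#define PASSWD_MAX 31  /* assumed policy, not from the advisory */

/* Allowlist: ASCII letters, digits and punctuation that /bin/sh does not
 * interpret. Everything else (; | & $ ` quotes, backslash, whitespace,
 * control bytes, non-ASCII) is rejected rather than escaped. */
static bool passwd_char_ok(unsigned char c)
{
    if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
        (c >= '0' && c <= '9'))
        return true;
    return c != '\0' && strchr("_.@%+=:,-", c) != NULL;
}

/* Hypothetical helper: returns true only if the submitted passwd1 value
 * may be handed to code that builds a command line from it. */
bool passwd1_is_valid(const char *value)
{
    if (value == NULL)
        return false;
    size_t n = 0;
    while (value[n] != '\0') {
        /* Stop at the first over-long or non-allowlisted byte. */
        if (n == PASSWD_MAX || !passwd_char_ok((unsigned char)value[n]))
            return false;
        n++;
    }
    /* A leading '-' would be parsed as an option by the invoked program. */
    return n >= PASSWD_MIN && value[0] != '-';
}

int main(void)
{
    /* Constructed sample inputs, not taken from any real request. */
    const char *samples[] = { "Str0ng_Pass.2026", "pass;word123", "-password1" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-18s -> %s\n", samples[i],
               passwd1_is_valid(samples[i]) ? "accept" : "reject");
    return 0;
}
```

Rejecting on an allowlist avoids having to enumerate every shell metacharacter; the stronger fix is for the handler never to place the value on a shell command line at all.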



Advisories

No advisories yet.

History

Tue, 10 Feb 2026 15:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| First Time appeared | | Utt 521g Firmware |
| CPEs | | `cpe:2.3:h:utt:521g:2.0:*:*:*:*:*:*:*` |
| | | `cpe:2.3:o:utt:521g_firmware:3.1.1-190816:*:*:*:*:*:*:*` |
| Vendors & Products | | Utt 521g Firmware |

Mon, 09 Feb 2026 21:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Metrics | | ssvc: `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}` |


Mon, 09 Feb 2026 11:00:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| First Time appeared | | Utt |
| | | Utt 521g |
| Vendors & Products | | Utt |
| | | Utt 521g |

Sun, 08 Feb 2026 20:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | A weakness has been identified in UTT 进取 521G 3.1.1-190816. Affected by this issue is the function doSystem of the file /goform/setSysAdm. Executing a manipulation of the argument passwd1 can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. |
| Title | | UTT 进取 521G setSysAdm doSystem command injection |
| Weaknesses | | CWE-74 |
| | | CWE-77 |
| References | | |
| Metrics | | cvssV2_0: `{'score': 8.3, 'vector': 'AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}` |
| | | cvssV3_0: `{'score': 7.2, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` |
| | | cvssV3_1: `{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` |
| | | cvssV4_0: `{'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}` |


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T09:48:42.899Z

Reserved: 2026-02-07T15:23:04.296Z

Link: CVE-2026-2182

Vulnrichment

Updated: 2026-02-09T21:00:24.146Z

NVD

Status: Analyzed

Published: 2026-02-08T20:15:51.393

Modified: 2026-02-10T15:10:54.493

Link: CVE-2026-2182

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T21:45:28Z

Weaknesses