Description
UTT Aggressive 520W v3v1.7.7-180627 was discovered to contain a buffer overflow in the filename parameter of the formFtpServerDirConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Published: 2026-04-06
Score: 4.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Assess Impact
AI Analysis

Impact

A buffer overflow occurs in the filename parameter of the formFtpServerDirConfig function in UTT Aggressive 520W firmware version 1.7.7-180627. This flaw allows an attacker to craft an input that triggers the overflow, causing the device to crash or become unresponsive. The primary consequence is loss of availability for the affected system, potentially disrupting network operations that rely on the FTP service.

Affected Systems

UTT’s Aggressive 520W hardware running firmware 1.7.7-180627 is impacted. No other vendors, products, or versions are listed as affected.

Risk and Exploitability

The CVSS score of 4.5 indicates moderate severity. The EPSS score is less than 1%, suggesting a low likelihood of exploitation. The vulnerability is not listed in CISA’s KEV catalog. Based on the function name, it is inferred that the flaw can be triggered remotely through the FTP configuration interface, but the description provides no explicit exploitation details.

Generated by OpenCVE AI on April 7, 2026 at 21:42 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the UTT website or support portal for a firmware update that addresses the overflow issue.
  • If a patch is available, apply it to all affected Aggressive 520W devices immediately.
  • Limit or block external access to the FTP server on the device to reduce the attack surface while a patch is pending.
  • Monitor system logs and device availability for signs of abnormal restarts or crashes.

Advisories

No advisories yet.

History

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Title Buffer Overflow in FTP Server Directory Configuration Causes Denial of Service

Tue, 07 Apr 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Utt 520w Firmware
CPEs cpe:2.3:h:utt:520w:3.0:*:*:*:*:*:*:*
cpe:2.3:o:utt:520w_firmware:1.7.7-180627:*:*:*:*:*:*:*
Vendors & Products Utt 520w Firmware

Tue, 07 Apr 2026 08:00:00 +0000

Type Values Removed Values Added
Title UTT Aggressive 520W Firmware Buffer Overflow in FTP Configuration Causes DoS
Weaknesses CWE-119

Tue, 07 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Title UTT Aggressive 520W Firmware Buffer Overflow in FTP Configuration Causes DoS
First Time appeared Utt
Utt 520w
Weaknesses CWE-119
CWE-120
Vendors & Products Utt
Utt 520w
Metrics cvssV3_1

{'score': 4.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 06 Apr 2026 15:30:00 +0000

Type Values Removed Values Added
Description UTT Aggressive 520W v3v1.7.7-180627 was discovered to contain a buffer overflow in the filename parameter of the formFtpServerDirConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-06T19:51:52.375Z

Reserved: 2026-03-09T00:00:00.000Z

Link: CVE-2026-31062

Vulnrichment

Updated: 2026-04-06T19:51:32.877Z

NVD

Status: Analyzed

Published: 2026-04-06T15:17:08.840

Modified: 2026-04-07T20:29:00.740

Link: CVE-2026-31062

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-08T19:53:02Z

Weaknesses