Impact
The reported vulnerability is a buffer overflow in the gohead/sub_425994 component of UTT nv518G firmware that allows a remote attacker to trigger a denial of service. When a crafted input is processed, the component overflows its buffer and crashes, forcing the device to become unresponsive and requiring a reboot or manual reset to restore service. The impact is limited to loss of service availability, with no disclosed compromise of confidentiality or integrity.
Affected Systems
The affected device is the UTT nv518G series, specifically firmware versions up to nv518GV3v3.2.7-210919-161313. No other vendors or product lines are listed in the CVE data.
Risk and Exploitability
The vulnerability can be exploited remotely without authentication, and the absence of an EPSS score and KEV listing mean the exact exploitation likelihood is unknown, but any reachable instance of gohead/sub_425994 is at risk of crashing. An attacker who can reach this component over the network can send malicious packets to trigger the overflow and cause service downtime. High potential impact combined with the ease of remote exploitation makes timely remediation critical.
OpenCVE Enrichment