CVE-2025-15428
Published: 02 January 2026
Summary
CVE-2025-15428 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Utt 512W Firmware. Its CVSS base score is 7.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 47.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2025-15428 is a buffer overflow vulnerability affecting the UTT 进取 512W firmware version 1.7.7-171114. The flaw exists in the strcpy function within the /goform/formRemoteControl file, where manipulation of the Profile argument triggers the overflow. This issue aligns with CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-120 (Buffer Copy without Checking Size of Input).
The vulnerability enables remote exploitation with low attack complexity and no user interaction required. Exploitation demands low privileges (PR:L) from an authenticated user, potentially allowing attackers to achieve high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H), as reflected in its CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Advisories from VulDB and a GitHub repository detail the issue, including a proof-of-concept exploit. The vendor was contacted early for disclosure but provided no response, and no patches or specific mitigations are referenced.
A public exploit is available, increasing the risk of real-world attacks against unpatched devices.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-0712
Vulnerability details
A weakness has been identified in UTT 进取 512W 1.7.7-171114. Affected is the function strcpy of the file /goform/formRemoteControl. This manipulation of the argument Profile causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been…
more
made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in public-facing web form (/goform/formRemoteControl) directly enables remote code execution via T1190 Exploit Public-Facing Application.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly validates the Profile argument in /goform/formRemoteControl to block oversized or malformed inputs that trigger the strcpy buffer overflow.
Implements memory protections such as stack canaries, ASLR, and DEP to prevent arbitrary code execution from the buffer overflow vulnerability.
Mandates timely identification, reporting, and patching of flaws like the unsafe strcpy function to remediate the buffer overflow before exploitation.