Cyber Resilience

CVE-2025-6097

MediumPublic PoC

Published: 16 June 2025

Published
16 June 2025
Modified
08 January 2026
KEV Added
Patch
CVSS Score v4 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0104 77.8th percentile
Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-6097 is a medium-severity Unverified Password Change (CWE-620) vulnerability in Utt 750W Firmware. Its CVSS base score is 5.5 (Medium).

Operationally, ranked in the top 22.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

CVE-2025-6097 affects the UTT 进取 750W router up to version 5.0. The flaw resides in the formDefineManagement function within the /goform/setSysAdm endpoint of the Administrator Password Handler component. An unauthenticated remote attacker can supply a manipulated passwd1 argument to perform an unverified password change, which maps to CWE-620 and CWE-640.

Because the vulnerability can be triggered over the network without credentials or user interaction, an attacker who reaches the management interface can alter the administrator password and thereby obtain persistent administrative control of the device. Public proof-of-concept code demonstrating the attack has been released.

The vendor was notified prior to disclosure but has not issued a response or patch. The associated EPSS score has remained flat at 0.0104 with no material increase since publication, indicating limited observed exploitation interest to date.

EU & UK References

Vulnerability details

A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads…

more

to unverified password change. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

utt
750w firmware
≤ 5.0

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-640

Establishing procedures for lost or compromised authenticators addresses weak password recovery mechanisms.

References