Cyber Posture

CVE-2025-11323

High · Public PoC

Published: 06 October 2025

Modified: 08 January 2026
KEV Added
Patch
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0029 (51.9th percentile)
Risk Priority: 18 (60% EPSS · 20% KEV · 20% CVSS)

Description

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Security Summary

CVE-2025-11323 is a buffer overflow vulnerability (CWE-119, CWE-120) in the UTT 1250GW router firmware up to version v2v3.2.2-200710. The flaw is in a strcpy call in the file /goform/formUserStatusRemark, where manipulation of the Username argument triggers the overflow.

Remote attackers with low privileges can exploit this vulnerability over the network, with low attack complexity and no user interaction. The CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) reflects high impact on confidentiality, integrity, and availability, with potential remote code execution on successful exploitation.

Advisories reference a publicly disclosed exploit in a GitHub issue (https://github.com/DavCloudz/cve/issues/3) and VulDB entries (https://vuldb.com/?ctiid.327206, https://vuldb.com/?id.327206, https://vuldb.com/?submit.664524). The vendor was notified early but provided no response, and no patches or specific mitigations are detailed.

Details

CWE(s)
CWE-119, CWE-120

Affected Products

utt · 1250gw firmware · ≤ 3.2.2-200710

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1068 Exploitation for Privilege Escalation (Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

Buffer overflow in router web management interface (/goform/formUserStatusRemark) allows remote low-privilege attackers to achieve RCE, directly enabling exploitation of public-facing applications (T1190) and exploitation for privilege escalation (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References