Cyber Posture

CVE-2025-14572

Severity: High · Public PoC

Published: 12 December 2025
Modified: 12 January 2026
KEV Added: none listed
Patch: none listed
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0017 (37.2nd percentile)
Risk Priority: 18 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Description

A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. It affects an unknown part of the file /goform/formWebAuthGlobalConfig. Manipulation of the argument hidcontact results in memory corruption. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Mitigating Controls (NIST 800-53 r5)

- prevent: Directly prevents the memory corruption by enforcing validation (length and character-set checks) of the hidcontact argument in the /goform/formWebAuthGlobalConfig handler. Only the vendor can apply this fix, since it lives in the firmware's form handler.

- prevent: Memory protections such as address space layout randomization and data execution prevention raise the cost of exploiting the CWE-119 memory corruption. On an embedded router these are properties of the shipped firmware and kernel, not settings an operator can turn on, so they should not be relied upon as a compensating control.

- prevent: Timely remediation of the flaw in firmware versions up to 1.7.7-171114 through patching, or replacement of the device if no fixed firmware is released. Until then, restrict reachability of the web management interface to trusted management networks and review who holds accounts on it, because the flaw needs only low-privilege authenticated access (PR:L).

Security Summary

CVE-2025-14572 is a memory corruption vulnerability (CWE-119) in UTT 进取 512W devices running firmware versions up to 1.7.7-171114. The flaw lies in an unknown part of the /goform/formWebAuthGlobalConfig endpoint, where manipulation of the "hidcontact" argument triggers the corruption.

Remote exploitation is possible by an attacker with low privileges (PR:L) over the network (AV:N), requiring low complexity (AC:L) and no user interaction (UI:N). The CVSS v3.1 base score of 8.8 (C:H/I:H/A:H/S:U) indicates high impacts on confidentiality, integrity, and availability, potentially enabling arbitrary code execution or system compromise.

Advisories from VulDB and a GitHub issue (https://github.com/alc9700jmo/CVE/issues/21) confirm the exploit has been made public. The vendor was contacted early for disclosure but provided no response, and no patches or specific mitigations are detailed in the references.

Details

CWE(s): CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)

Affected Products: utt 512w firmware ≤ 1.7.7-171114

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability is a remotely exploitable memory corruption flaw in a web management interface (/goform/formWebAuthGlobalConfig) on a network device, potentially enabling arbitrary code execution, and so maps directly to T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
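As an added example, not code from this page or from UTT: a small Python detector that runs over HTTP requests as a reverse proxy, TLS-terminating gateway or IDS in front of the device might capture them, and flags requests to /goform/formWebAuthGlobalConfig whose hidcontact value is oversized or carries non-printable bytes. It assumes the parameter travels as a form field in a GET query string or a form-encoded POST body; the 64-byte length threshold, the sample requests and the unrelated /index.htm path are constructed for the example and are not from the advisory.

```python
from urllib.parse import urlsplit, parse_qs

TARGET_PATH = "/goform/formWebAuthGlobalConfig"
TARGET_PARAM = "hidcontact"
# Assumption: a legitimate contact string is short; tune to your fleet.
MAX_PARAM_LEN = 64


def parse_http_request(raw):
    """Minimal HTTP/1.x request parser: (method, target, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers, body


def request_params(method, target, headers, body):
    """Collect parameters from the query string and, for form posts, the body.
    parse_qs percent-decodes, so %41%41... is measured at its decoded size."""
    url = urlsplit(target)
    params = parse_qs(url.query, keep_blank_values=True)
    ctype = headers.get("content-type", "")
    if method == "POST" and ctype.startswith("application/x-www-form-urlencoded"):
        for name, values in parse_qs(body, keep_blank_values=True).items():
            params.setdefault(name, []).extend(values)
    return url.path, params


def assess_request(raw, max_len=MAX_PARAM_LEN):
    """Return a finding dict for a suspicious hit on the vulnerable endpoint,
    or None for anything else."""
    method, target, headers, body = parse_http_request(raw)
    path, params = request_params(method, target, headers, body)
    if path != TARGET_PATH or TARGET_PARAM not in params:
        return None
    reasons = []
    for value in params[TARGET_PARAM]:
        if len(value) > max_len:
            reasons.append(f"{TARGET_PARAM} length {len(value)} exceeds {max_len}")
        if any(not 0x20 <= ord(ch) <= 0x7E for ch in value):
            reasons.append(f"{TARGET_PARAM} contains non-printable bytes")
    if not reasons:
        return None
    return {"method": method, "path": path,
            "host": headers.get("host", ""), "reasons": reasons}


def scan(requests):
    """Run assess_request over a batch and keep only the findings."""
    return [f for f in (assess_request(r) for r in requests) if f]


# Constructed sample traffic for the example, not real captures.
BENIGN = (
    "POST /goform/formWebAuthGlobalConfig HTTP/1.1\r\n"
    "Host: 192.0.2.1\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "hidcontact=noc%40example.net&submit=1"
)
OVERSIZED = (
    "POST /goform/formWebAuthGlobalConfig HTTP/1.1\r\n"
    "Host: 192.0.2.1\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "hidcontact=" + "A" * 600 + "&submit=1"
)
UNRELATED = (  # same oversized value, but not the vulnerable handler
    "GET /index.htm?hidcontact=" + "A" * 600 + " HTTP/1.1\r\n"
    "Host: 192.0.2.1\r\n\r\n"
)
SAMPLE_REQUESTS = [BENIGN, OVERSIZED, UNRELATED]

if __name__ == "__main__":
    for finding in scan(SAMPLE_REQUESTS):
        print(finding)
```

Because the device's own logs are unlikely to record the form body, this check belongs at whatever point in the network already sees the decrypted request; any hit on this endpoint from outside the management subnet is worth an alert on its own, regardless of the parameter length.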

References

- VulDB advisory (cited in the summary above; URL not given on this page)
- https://github.com/alc9700jmo/CVE/issues/21 (public issue cited in the summary above)