CVE-2026-0837
Published: 11 January 2026
Description
A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and…
more
might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Mitigating Controls (NIST 800-53 r5)AI
Directly validates the GroupName input to prevent buffer overflow exploitation via unsafe strcpy in the /goform/formFireWall endpoint.
Requires timely remediation of the identified buffer overflow flaw in the router firmware, addressing the unpatched vulnerability.
Implements memory protections like stack guards or ASLR to mitigate arbitrary code execution even if the buffer overflow occurs.
Security SummaryAI
CVE-2026-0837 is a buffer overflow vulnerability in the UTT 进取 520W router firmware version 1.7.7-180627. The flaw affects the strcpy function in the /goform/formFireWall file, where manipulation of the GroupName argument triggers the overflow. Published on 2026-01-11, it is associated with CWE-119 and CWE-120.
An attacker with low privileges can exploit this vulnerability remotely over the network with low attack complexity and no user interaction. The CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) indicates high impacts on confidentiality, integrity, and availability, potentially enabling arbitrary code execution.
Advisories from VulDB note that the vendor was contacted early about the issue but provided no response or patches. A publicly available exploit is hosted on GitHub, increasing the risk of active misuse.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in router web interface (/goform/formFireWall) enables remote exploitation of a public-facing application for arbitrary code execution.