Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
UTT 进取 750W Administrator Password setSysAdm formDefineManagement unverified password change
Vulnerability Description
A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this issue is the function formDefineManagement of the file /goform/setSysAdm of the component Administrator Password Handler. The manipulation of the argument passwd1 leads to unverified password change. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
未经验证的口令修改
Vulnerability Title
UTT 进取 750W 安全漏洞
Vulnerability Description
UTT 进取 750W是中国艾泰(UTT)公司的一款路由器。 UTT 进取 750W 5.0及之前版本存在安全漏洞,该漏洞源于对文件/goform/setSysAdm中参数passwd1的错误操作导致未经验证的密码更改。
CVSS Information
N/A
Vulnerability Type
N/A