CVE-2026-2188

Sažetak

A vulnerability was determined in UTT 进取 521G 3.1.1-190816. The impacted element is the function sub_446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.

Reference

https://github.com/cha0yang1/UTT521G/blob/main/RCE2.md
https://vuldb.com/?ctiid.344891
https://vuldb.com/?id.344891
https://vuldb.com/?submit.749733

CVSS

Base:	8.3
Impact:	10.0
Exploitability:	6.4

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	MULTIPLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:M/C:C/I:C/A:C

Zadnje važnije ažuriranje

10-02-2026 - 14:57

Objavljeno

08-02-2026 - 22:15