CNNVD-202602-1178 Information

CNNVD ID

CNNVD-202602-1178

Related CVE

CVE-2026-2188

• CNNVD Published: 2026-02-08

Description (Chinese)

UTT 521G是中国艾泰（UTT）公司的一款路由器。 UTT 521G 3.1.1-190816版本存在操作系统命令注入漏洞，该漏洞源于对文件/goform/formPdbUpConfig中函数sub_446B18的参数policyNames操作不当，可能导致os命令注入。

Description (English)

UTT 521G is a router of the Chinese company UTT. The UTT 521G 3.1.1-190816 version contains a loophole in the operating system command, which results from the inappropriate operation of the parameter sub 446B18 in the file/goform/formPdbUpConfig, which may lead to an Os command injection.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

艾泰

Published

2026-02-08

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.344891 https://vuldb.com/?id.344891 https://github.com/cha0yang1/UTT521G/blob/main/RCE2.md https://vuldb.com/?submit.749733 https://access.redhat.com/security/cve/cve-2026-2188