CVE-2026-2188: OS Command Injection in UTT 进取 521G
A vulnerability was determined in UTT 进取 521G 3.1.1-190816. The impacted element is the function sub_446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2026-2188: OS Command Injection in UTT 进取 521G
Description
A vulnerability was determined in UTT 进取 521G 3.1.1-190816. The impacted element is the function sub_446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-02-07T17:18:03.705Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 698904274b57a58fa1d0a686
Added to database: 2/8/2026, 9:46:15 PM
Last updated: 2/8/2026, 9:46:50 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2026-2187: Stack-based Buffer Overflow in Tenda RX3
HighCVE-2026-2186: Stack-based Buffer Overflow in Tenda RX3
HighCVE-2026-2185: Stack-based Buffer Overflow in Tenda RX3
HighCVE-2026-2184: OS Command Injection in Great Developers Certificate Generation System
MediumCVE-2026-2183: Unrestricted Upload in Great Developers Certificate Generation System
MediumActions
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.