Unrated severityNVD Advisory· Published Feb 8, 2026· Updated Feb 23, 2026
UTT 进取 521G formPdbUpConfig sub_446B18 os command injection
CVE-2026-2188
Description
A vulnerability was determined in UTT 进取 521G 3.1.1-190816. The impacted element is the function sub_446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
Affected products
2Patches
Vulnerability mechanics
References
4- github.com/cha0yang1/UTT521G/blob/main/RCE2.mdmitreexploit
- vuldb.commitrethird-party-advisory
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
News mentions
0No linked articles in our index yet.