HarborGuardharborguardDatabase
Back to search
HIGHCVE-2026-10292Published Modified CNA VulDB

CVE-2026-10292: UTT HiPER 1200GW formTaskEdit strcpy stack-based overflow

A vulnerability was detected in UTT HiPER 1200GW up to 2.5.3-170306. This affects the function strcpy of the file /goform/formTaskEdit. The manipulation results in stack-based buffer overflow. The attack may be launched remotely. The exploit is now public and may be used.

Metrics

CVSS v4.0
8.7
Severity
HIGH
Fixed in
Affected Products
1

Get notified

Email me when this CVE is updated: new fix versions, severity changes, or any record change.

HarborGuard Analysis

Synopsis

A stack-based buffer overflow exists in the UTT HiPER 1200GW router firmware (versions up to 2.5.3-170306). The vulnerability is in the formTaskEdit handler, where unsanitized user input is passed directly to strcpy, allowing a remote attacker with a low-privilege account to overwrite the stack. Successful exploitation gives the attacker full control over the affected device, including the ability to read, modify, or destroy data and disrupt service. No fix version has been published; HarborGuard tracks the advisory and will surface patch availability as soon as upstream ships a correction.

HarborGuard Coverage

Detection

Detection for CVE-2026-10292 is available across every HarborGuard environment: the CVE is ingested from upstream feeds including VulDB within minutes of publication and matched against all customer images, including custom-built firmware images derived from the affected UTT HiPER 1200GW codebase. Any image found to carry the affected formTaskEdit component at a vulnerable version is flagged immediately.

Available
Triage

HarborGuard is capable of scoring this CVE at CVSS v4.0 8.7 (HIGH) and weighting it further against each customer org's compliance policy, for example elevating priority for environments that classify network-edge devices as critical assets. Findings are routable to the appropriate team inbox within each customer organization based on image ownership and policy configuration.

Available
Patch

Because no fix version has been published upstream, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available the moment UTT releases a corrected firmware version. In the interim, customers with auto-remediation enabled can receive automated compensating-control recommendations such as network-policy isolation of the affected management interface.

Pending upstream

Exploit Conditions

  • Network reachabilityRequired

    The vulnerable formTaskEdit endpoint is exposed over the network, so an attacker must be able to reach the device's web interface remotely.

  • AuthenticationRequired

    The CVSS vector specifies PR:L, meaning a low-privilege account is sufficient; no administrative credentials are needed.

  • Victim interactionNot required

    Exploitation is fully attacker-driven and requires no action from any user of the device.

  • Attack complexityDetail

    Attack complexity is low (AC:L), meaning the overflow is reliably triggerable with no special preconditions, race conditions, or environmental dependencies.

Blast Radius

  • The attacker gains the ability to execute arbitrary code on the device at the privilege level of the affected process, effectively taking full control of the router.
  • Confidential data accessible to the device, including network credentials, session tokens, and configuration secrets, can be read directly from memory or storage.
  • The attacker can modify persisted router configuration, redirecting or intercepting network traffic passing through the device.
  • The affected service can be crashed, causing a denial of service for all network traffic the HiPER 1200GW routes or manages.

How HarborGuard Handles This

Available on HarborGuard: this CVE is actively tracked with a HIGH severity rating derived from its CVSS v4.0 score of 8.7. Because no upstream fix exists yet, HarborGuard re-evaluates the advisory on every ingest cycle and will automatically surface a patched-image rebuild the moment UTT publishes a corrected firmware version. For customers who opt into auto-remediation, that rebuild will trigger a regression test run and a PR opened against affected workloads as soon as the fix is available. In the interim, HarborGuard can surface compensating-control guidance for affected environments, including network-policy isolation to restrict access to the management web interface, egress filtering to limit lateral movement from a compromised device, and feature-flag gating to disable the formTaskEdit endpoint where the router firmware supports it. The exploit is publicly available, so environments with the affected firmware version should treat this as a high-priority finding and apply compensating controls without waiting for an upstream patch.

See how HarborGuard automates this
Affected packages
  • UTT / HiPER 1200GW
    2.5.3-170306
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
References