HIGHCVE-2026-2086Published 2026-02-07Modified 2026-02-23CNA VulDB

CVE-2026-2086: UTT HiPER 810G Management formFireWall strcpy buffer overflow

A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS v4.0: 8.7
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

UTT / HiPER 810G
1.7.7-171114

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

References

VDB-344653 | UTT HiPER 810G Management formFireWall strcpy buffer overflow
VDB-344653 | CTI Indicators (IOB, IOC, IOA)
Submit #746502 | UTT (AiTai) HiPER 810G <= v3v1.7.7-171114 Buffer Overflow
github.com
github.com

Metrics