CVE-2026-52186 | Severity: CRITICAL | CNA: mitre

CVE-2026-52186: SQL Injection vulnerability in UTT nv518G nv518GV3v3

SQL Injection vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to execute arbitrary code via the gohead/sub_463bbc component.

Metrics

  • CVSS v3.1: 9.8
  • Severity: CRITICAL
  • Fixed in: none listed
  • Affected Products: 1


HarborGuard Analysis

Synopsis

A SQL injection vulnerability in UTT nv518G (firmware version nv518GV3v3.2.7-210919-161313) allows a remote, unauthenticated attacker to inject malicious SQL statements through the gohead/sub_463bbc component. The device is reachable over the network, and exploitation requires no authentication or user interaction. Successful exploitation gives an attacker arbitrary code execution on the device. HarborGuard tracks this advisory and will make a patched-image rebuild available as soon as an upstream fix is published.

HarborGuard Coverage

Detection

Detection of CVE-2026-52186 is available across every HarborGuard environment. The CVE is ingested from upstream feeds within minutes of publication and matched against customer images in registries and CI/CD pipelines, including custom-built images that bundle UTT nv518G firmware components.

Status: Available

Triage

Triage is available using the CVSS v3.1 score of 9.8 (Critical), weighted against each customer organization's compliance policy to determine urgency and routing. Alerts are directed to the appropriate inbox within each customer org based on configured ownership and severity thresholds.

Status: Available

Patch

No fix version has been published upstream for this CVE. HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available at the corrected version the moment an upstream fix is released. For customers with auto-remediation enabled, a rebuild, regression test run, and PR against affected workloads will be triggered automatically at that time.

Status: Pending upstream

Exploit Conditions

  • Network reachability: Required

    The vulnerable component is exposed over the network, so an attacker must be able to reach the device's HTTP service from a remote network location.

  • Authentication: Not required

    No credentials or prior account access are needed; the injection endpoint is reachable by any unauthenticated caller.

  • Victim interaction: Not required

    The attack is fully server-side and requires no action from any user on the targeted device.

  • Attack complexity: Detail

    Exploitation is reliable and condition-free; no race conditions, memory layout knowledge, or special environmental factors are required.

Blast Radius

  • Attacker reads all data stored in the device database, which may include credentials, session tokens, and network configuration.
  • Attacker modifies or deletes persisted configuration records, altering firewall rules, routing tables, or user account data.
  • Attacker achieves arbitrary code execution on the device firmware, gaining full control of the underlying system.
  • Attacker can crash or destabilize the device service, causing a loss of network connectivity for downstream users.

How HarborGuard Handles This

Available on HarborGuard: detection for CVE-2026-52186 is active across all customer environments that include images bundling UTT nv518G firmware components. Because no upstream fix exists at this time, HarborGuard monitors the advisory on every ingest cycle and will automatically make a patched-image rebuild available the moment UTT publishes a corrected firmware version. For customers with auto-remediation enabled, the full rebuild-plus-PR flow will trigger without manual intervention when that fix lands.

In the interim, compensating controls worth considering include:

  • Network-policy isolation that restricts access to the gohead service to trusted source IPs only.
  • Egress filtering to limit lateral movement if the device is compromised.
  • Feature-flag or ACL gating on the sub_463bbc endpoint, where the firmware configuration permits it.

The CVSS score of 9.8 reflects a network attack vector with no authentication or user-interaction requirement (AV:N/PR:N/UI:N), so perimeter-level controls are the primary mitigation until a patch is available.

Affected packages
  • n/a / n/a
    n/a
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H