CVE 8.6 HIGH

UTT HiPER 810 rehttpd formReleaseConnect sub_4407D4 command injection_CVE-2026-2118

February 7, 2026 invoker category_cve

8.6 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub_4407D4 of the file /goform/formReleaseConnect of the component rehttpd. Executing a manipulation of the argument Isp_Name can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

AI Analysis

Command injection vulnerability in UTT HiPER 810 1.7.4-141218 via manipulation of the Isp_Name argument in the rehttpd component

Basic Information

ID CVE-2026-2118

Source VulDB

Published Feb 8, 2026 at 00:02

Affected Product

Vendor UTT

Product HiPER 810

Version 1.7.4-141218

Affected Versions UTT HiPER 810 1.7.4-141218

CWE Classification

CWE-77 CWE-74

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor UTT

Product HiPER 810

Version 1.7.4-141218

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub_4407D4 of the file /goform/formReleaseConnect of the component rehttpd. Executing a manipulation of the argument Isp_Name can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.",
    "published": "2026-02-08T00:02:07.243Z",
    "modified": "2026-02-08T00:02:07.243Z",
    "type": "cve",
    "title": "UTT HiPER 810 rehttpd formReleaseConnect sub_4407D4 command injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.344693\nhttps://vuldb.com/?ctiid.344693\nhttps://vuldb.com/?submit.746802\nhttps://github.com/cha0yang1/UTT810CVE/blob/main/CVEreadme1.md\nhttps://github.com/cha0yang1/UTT810CVE/blob/main/CVEreadme1.md#poc",
    "id": "CVE-2026-2118",
    "bulletinFamily": "",
    "cwe": [
        "CWE-77",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "UTT HiPER 810 1.7.4-141218",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "HiPER 810",
    "version": "1.7.4-141218",
    "vendor": "UTT",
    "ai_description": "Command injection vulnerability in UTT HiPER 810 1.7.4-141218 via manipulation of the Isp_Name argument in the rehttpd component",
    "ai_severity": "High",
    "ai_vendor": "UTT",
    "ai_product": "HiPER 810",
    "ai_version": "1.7.4-141218",
    "ai_score": 8.6
}

💭 Join the Security Discussion ❌ Cancel Reply