UTT HiPER 1250GW Parameter formConfigDnsFilterGlobal strcpy buffer overflow_CVE-2026-4862

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file /goform/formConfigDnsFilterGlobal of the component Parameter Handler. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

Basic Information

ID CVE-2026-4862

Source VulDB

Published Mar 26, 2026 at 09:00

Modified Mar 26, 2026 at 18:23

Affected Product

Vendor UTT

Product HiPER 1250GW

Version 3.2.7-210907-180535

Affected Versions UTT HiPER 1250GW 3.2.7-210907-180535

CWE Classification

CWE-120 CWE-119

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file /goform/formConfigDnsFilterGlobal of the component Parameter Handler. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.",
    "published": "2026-03-26T09:00:32.777Z",
    "modified": "2026-03-26T18:23:53.788Z",
    "type": "cve",
    "title": "UTT HiPER 1250GW Parameter formConfigDnsFilterGlobal strcpy buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.353193\nhttps://vuldb.com/?ctiid.353193\nhttps://vuldb.com/?submit.776230\nhttps://github.com/kirlic123/IOTvulner/blob/main/309-1/5.md",
    "id": "CVE-2026-4862",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "UTT HiPER 1250GW 3.2.7-210907-180535",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "HiPER 1250GW",
    "version": "3.2.7-210907-180535",
    "vendor": "UTT",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}