CVE 8.7 HIGH

UTT HiPER 1250GW ConfigAdvideo strcpy buffer overflow_CVE-2026-7420

April 29, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.

AI Analysis

Buffer overflow vulnerability in UTT HiPER 1250GW up to 3.2.7-210907-180535 via the strcpy function in the route/goform/ConfigAdvideo file, allowing remote attacks.

Basic Information

ID CVE-2026-7420

Source VulDB

Published Apr 29, 2026 at 22:30

Affected Product

Vendor UTT

Product HiPER 1250GW

Version 3.2.7-210907-180535

Affected Versions UTT HiPER 1250GW 3.2.7-210907-180535

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor UTT

Product HiPER 1250GW

Version 3.2.7-210907-180535

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.",
    "published": "2026-04-29T22:30:12.855Z",
    "modified": "2026-04-29T22:30:12.855Z",
    "type": "cve",
    "title": "UTT HiPER 1250GW ConfigAdvideo strcpy buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/360157\nhttps://vuldb.com/vuln/360157/cti\nhttps://vuldb.com/submit/803997\nhttps://github.com/kirlic123/IOTvulner/blob/main/4035/5/5.md",
    "id": "CVE-2026-7420",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "UTT HiPER 1250GW 3.2.7-210907-180535",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "HiPER 1250GW",
    "version": "3.2.7-210907-180535",
    "vendor": "UTT",
    "ai_description": "Buffer overflow vulnerability in UTT HiPER 1250GW up to 3.2.7-210907-180535 via the strcpy function in the route/goform/ConfigAdvideo file, allowing remote attacks.",
    "ai_severity": "High",
    "ai_vendor": "UTT",
    "ai_product": "HiPER 1250GW",
    "ai_version": "3.2.7-210907-180535",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply