{"id":7275,"date":"2025-06-26T20:04:27","date_gmt":"2025-06-26T20:04:27","guid":{"rendered":"http:\/\/localhost\/?p=7275"},"modified":"2025-06-26T20:04:27","modified_gmt":"2025-06-26T20:04:27","slug":"utt-hiper-840g-api-formconfigdnsfilterglobal-sub416928-buffer-overflow","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7275","title":{"rendered":"UTT HiPER 840G API formConfigDnsFilterGlobal sub_416928 buffer overflow"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nUTT HiPER 840G API formConfigDnsFilterGlobal sub_416928 buffer overflow<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-26T22:31:05.529Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nUTT<\/td>\n<\/tr>\n
Product<\/th>\nHiPER 840G<\/td>\n<\/tr>\n
Version<\/th>\n3.1.1-190328<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n8.7 (HIGH)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:H\/VI:H\/VA:H\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA critical buffer overflow vulnerability in UTT HiPER 840G’s API allows remote attackers to exploit the GroupName argument in formConfigDnsFilterGlobal. This can lead to system compromise. The vendor has not responded to disclosure attempts, increasing the risk.<\/td>\n<\/tr>\n
AI Severity<\/th>\nCritical<\/td>\n<\/tr>\n
Vendor<\/th>\nUTT<\/td>\n<\/tr>\n
Product<\/th>\nHiPER 840G<\/td>\n<\/tr>\n
Affected Version<\/th>\n3.1.1-190328<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n