CVE-2026-2086
8.8 HIGHPublished 2026-02-07 · Modified 2026-02-09 · Awaiting Analysis
Quick Summary
A buffer overflow vulnerability exists in the web management interface of UTT HiPER 810G routers. Attackers can remotely exploit this flaw by sending specially crafted data to the device, potentially allowing them to take control of it.
Who is affected
Users of UTT HiPER 810G routers with firmware version 1.7.7-171114 or earlier are affected. A successful attacker could execute arbitrary code on the device, leading to a complete compromise.
Recommended fix
As the vendor has not provided a patch, users should immediately isolate the router's management interface from untrusted networks (e.g., the internet). If possible, consider replacing the device with a supported product from a responsive vendor.
Technical Description
A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Details
Attack Vector
NETWORK
Complexity
LOW
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
CWE-119, CWE-120