CVE-2026-11517
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk14th percentile - higher than 14% of all known CVEs
Summary
A vulnerability was identified in UTT HiPER 2610G up to version 3.0.0-171107, affecting the strcpy function in the file /goform/formConfigDnsFilterGlobal. Manipulating the argument GroupName can lead to buffer overflow.
Risk Assessment
An attacker can remotely exploit this vulnerability, posing a significant security risk to the system. The public disclosure of the exploit increases the likelihood of attacks.
Recommendation
It is recommended to update the device to the latest software version to eliminate this vulnerability. Additionally, monitoring systems for unauthorized access attempts is advised.
Original NVD description (English source)
A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107. This impacts the function strcpy of the file /goform/formConfigDnsFilterGlobal. Executing a manipulation of the argument GroupName can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

