CVE-2026-14721
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk36th percentile — higher than 36% of all known CVEs
Summary
A vulnerability was found in UTT HiPER 1250GW up to version 3.2.7-210907-180535 in the file /goform/ConfigWirelessBase_5g. Manipulation of the ssid argument leads to a stack-based buffer overflow, exploitable remotely. The exploit has been publicly disclosed.
Risk Assessment
An attacker can remotely take control of the device, leading to network integrity compromise and potential traffic interception.
Recommendation
Immediately update the firmware to the latest version or apply temporary firewall rules to block access to the vulnerable endpoint.
Original NVD description (English source)
A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase_5g of the component Web Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

