CVE Catalog

CVE-2026-9631

High
Published: Translated: NVD NIST

Summary

A vulnerability was detected in UTT HiPER 1250GW up to version 3.2.7-210907-180535, affecting the strcpy function in the /goform/formConfigFastDirectionW file of the Web Management Interface. Manipulating the Profile argument results in a stack-based buffer overflow.

Risk Assessment

This vulnerability allows for remote exploitation, potentially leading to unauthorized access to the system. The availability of a public exploit increases the risk of this vulnerability being exploited.

Recommendation

It is recommended to update the software to the latest version to mitigate this vulnerability. Additionally, monitoring systems for unauthorized access attempts is advised.

Original NVD description (English source)

A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this vulnerability is the function strcpy of the file /goform/formConfigFastDirectionW of the component Web Management Interface. Performing a manipulation of the argument Profile results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is now public and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS