CVE-2026-9631
HighSummary
A vulnerability was detected in UTT HiPER 1250GW up to version 3.2.7-210907-180535, affecting the strcpy function in the /goform/formConfigFastDirectionW file of the Web Management Interface. Manipulating the Profile argument results in a stack-based buffer overflow.
Risk Assessment
This vulnerability allows for remote exploitation, potentially leading to unauthorized access to the system. The availability of a public exploit increases the risk of this vulnerability being exploited.
Recommendation
It is recommended to update the software to the latest version to mitigate this vulnerability. Additionally, monitoring systems for unauthorized access attempts is advised.
Original NVD description (English source)
A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this vulnerability is the function strcpy of the file /goform/formConfigFastDirectionW of the component Web Management Interface. Performing a manipulation of the argument Profile results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is now public and may be used.

