Skip to content
CVSS 8.8 · HIGH

CVE-2026-7418

A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.

Ver en NVD

Análisis

This is a buffer overflow in the firmware of a specific UTT HiPER router model. While the exploit is public and the severity is high, this hardware is not part of the common stack for Mexican software developers and is unlikely to be encountered in web, mobile, or backend environments.

Severidad

Puntaje: 8.8(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Tipo de falla (CWE): CWE-119CWE-120

EPSS

Probabilidad de explotación (próx. 30 días): 0.0005 (0.0%)
Percentil: 13.9%
EPSS: 2026-05-06

Descripción técnica

A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.

Publicada: 29/4/2026, 22:16:22
Última modificación: 30/4/2026, 14:52:54

Referencias

InicioEventosBlogRecursosEquipo