Skip to content
CVSS 8.8 · HIGH

CVE-2026-7419

A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file route/goform/formTaskEdit_ap. The manipulation of the argument Profile leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Ver en NVD

Análisis

The vulnerability affects a specific model of UTT router firmware which is not part of the standard software development or infrastructure stack used by the community. While the buffer overflow allows for remote exploitation and a public exploit exists, the impact is confined to niche networking hardware that does not warrant general attention.

Severidad

Puntaje: 8.8(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Tipo de falla (CWE): CWE-119CWE-120

EPSS

Probabilidad de explotación (próx. 30 días): 0.0005 (0.0%)
Percentil: 13.9%
EPSS: 2026-05-06

Descripción técnica

A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file route/goform/formTaskEdit_ap. The manipulation of the argument Profile leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Publicada: 29/4/2026, 23:16:20
Última modificación: 30/4/2026, 14:52:54

Referencias

InicioEventosBlogRecursosEquipo