CVE-2026-2118 | UTT HiPER 810 1.7.4-141218 rehttpd formReleaseConnect sub_4407D4 Isp_Name command injection

Inserito da Angelo Barbosa | Feb 6, 2026 | CVE

A vulnerability described as critical has been identified in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub_4407D4 of the file /goform/formReleaseConnect of the component rehttpd. Executing a manipulation of the argument Isp_Name can lead to command injection.

This vulnerability is tracked as CVE-2026-2118. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-2118 | UTT HiPER 810 1.7.4-141218 rehttpd formReleaseConnect sub_4407D4 Isp_Name command injection

Post correlati

CVE-2024-42188 | HCL Connections 7.0/8.0 access control (KB0117387)

CVE-2024-50196 | Linux Kernel up to 5.15.168/6.1.113/6.6.57/6.11.4 pinctrl chained_irq_enter denial of service

CVE-2024-27303 | app-builder-lib NSIS Installer untrusted search path

CVE-2022-50551 | Linux Kernel up to 6.1.1 firmware.c brcmf_fw_alloc_request out-of-bounds