CVE-2026-2846 | UTT HiPER 520 1.7.7-160105 Web Management Interface /goform/formPdbUpConfig sub_44D264 policyNames os command injection

Inserito da Angelo Barbosa | Feb 20, 2026 | CVE

A vulnerability was found in UTT HiPER 520 1.7.7-160105. It has been rated as critical. This impacts the function sub_44D264 of the file /goform/formPdbUpConfig of the component Web Management Interface. The manipulation of the argument policyNames leads to os command injection.

This vulnerability is documented as CVE-2026-2846. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2026-2846 | UTT HiPER 520 1.7.7-160105 Web Management Interface /goform/formPdbUpConfig sub_44D264 policyNames os command injection

Post correlati

CVE-2024-52675 | SourceCodester Sentiment Based Movie Rating System 1.0 /msrps/movies.php sql injection

CVE-2024-47377 | ThemeKraft BuddyForms Plugin up to 2.8.12 on WordPress cross site scripting

CVE-2025-6175 | DECE Geodi up to 9.0.146 HTTP Request crlf injection

CVE-2024-23525 | Spreadsheet::ParseXLSX up to 0.29 on Perl XML::Twig no_xxe xml external entity reference (Issue 10)