CVE-2026-4862 | UTT HiPER 1250GW up to 3.2.7-210907-180535 Parameter formConfigDnsFilterGlobal strcpy GroupName buffer overflow

Inserito da Angelo Barbosa | Mar 25, 2026 | CVE

A vulnerability classified as critical was found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file /goform/formConfigDnsFilterGlobal of the component Parameter Handler. Such manipulation of the argument GroupName leads to buffer overflow.

This vulnerability is uniquely identified as CVE-2026-4862. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-4862 | UTT HiPER 1250GW up to 3.2.7-210907-180535 Parameter formConfigDnsFilterGlobal strcpy GroupName buffer overflow

Post correlati

CVE-2025-12266 | Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009 /index.php/auth/widget _empty get.layer/get.widget/get.action code injection

CVE-2024-37645 | TrendNet TEW-814DAP 1.01B01 Parameter /formSysLog submit-url stack-based overflow

CVE-2024-21880 | Enphase IQ Gateway URL Parameter command injection

CVE-2024-33673 | Veritas Backup Exec up to 22.2 untrusted search path