CVE-2026-2847 | UTT HiPER 520 1.7.7-160105 Web Management Interface formReleaseConnect sub_44EFB4 Isp_Name os command injection

Inserito da Angelo Barbosa | Feb 20, 2026 | CVE

A vulnerability categorized as critical has been discovered in UTT HiPER 520 1.7.7-160105. Affected is the function sub_44EFB4 of the file /goform/formReleaseConnect of the component Web Management Interface. The manipulation of the argument Isp_Name results in os command injection.

This vulnerability is reported as CVE-2026-2847. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-2847 | UTT HiPER 520 1.7.7-160105 Web Management Interface formReleaseConnect sub_44EFB4 Isp_Name os command injection

Post correlati

CVE-2025-6105 | jflyfox jfinal_cms 5.0.1 HOME.java Logout cross-site request forgery

CVE-2024-38319 | IBM Security SOAR 51.0.2.0 code injection (XFDB-294830)

CVE-2025-62611 | aiomysql up to 0.2.0 MySQL file inclusion

CVE-2025-27316 | hosting.io JPG, PNG Compression and Optimization Plugin up to 1.7.35 on WordPress cross-site request forgery