CVE-2026-2980

Sažetak

A vulnerability has been found in UTT HiPER 810G up to 1.7.7-1711. Impacted is the function strcpy of the file /goform/setSysAdm. The manipulation of the argument passwd1 leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Reference

https://github.com/7wkajk/CVE-VUL/blob/main/4.md
https://github.com/7wkajk/CVE-VUL/blob/main/4.md#poc
https://vuldb.com/?ctiid.347364
https://vuldb.com/?id.347364
https://vuldb.com/?submit.756130

CVSS

Base:	8.3
Impact:	10.0
Exploitability:	6.4

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	MULTIPLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:M/C:C/I:C/A:C

Zadnje važnije ažuriranje

23-02-2026 - 18:13

Objavljeno

23-02-2026 - 09:17