CVE-2026-7420

Sažetak

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.

Reference

https://github.com/kirlic123/IOTvulner/blob/main/4035/5/5.md
https://vuldb.com/submit/803997
https://vuldb.com/vuln/360157
https://vuldb.com/vuln/360157/cti

CVSS

Base:	9.0
Impact:	10.0
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-04-2026 - 23:16

Objavljeno

29-04-2026 - 23:16