CVE-2026-1162

CRITICAL

UTT 810 Firmware - Memory Corruption

Title source: rule

Description

A flaw has been found in UTT HiPER 810 1.7.4-141218. The impacted element is the function strcpy of the file /goform/setSysAdm. This manipulation of the argument passwd1 causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used.

References (5)

[Third Party Advisory, VDB Entry] https://vuldb.com/?id.341756

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.341756

[Third Party Advisory, VDB Entry] https://vuldb.com/?submit.736511

[Broken Link] https://github.com/cha0yang1/UTT810/blob/main/1.md

[Broken Link] https://github.com/cha0yang1/UTT810/blob/main/1.md#poc

Scores

CVSS v3 9.8

EPSS 0.0015

EPSS Percentile 35.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-119 CWE-120

Status published

Products (1)

utt/810_firmware 1.7.4-141218

Published Jan 19, 2026

Tracked Since Feb 18, 2026