CVE-2026-4318

HIGH

UTT HiPER 810G formApLbConfig strcpy buffer overflow

Title source: cna

Description

A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formApLbConfig. This manipulation of the argument loadBalanceNameOld causes buffer overflow. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.

References (4)

[Exploit] https://github.com/xiaoheshang404/cve/issues/1#issue-4026284809

[Vdb Entry, Technical Description] https://vuldb.com/?id.351362

[Signature, Permissions Required] https://vuldb.com/?ctiid.351362

[Third Party Advisory] https://vuldb.com/?submit.772659

Scores

CVSS v3 8.8

EPSS 0.0005

EPSS Percentile 16.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-119 CWE-120

Status published

Products (1)

UTT/HiPER 810G 1.7.7-171114

Published Mar 17, 2026

Tracked Since Mar 17, 2026