{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2904", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-02-20T20:08:08.431Z", "datePublished": "2026-02-22T00:32:11.578Z", "dateUpdated": "2026-02-26T16:21:49.621Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-22T00:32:11.578Z"}, "title": "UTT HiPER 810G ConfigExceptAli strcpy buffer overflow", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "Buffer Overflow"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "UTT", "product": "HiPER 810G", "versions": [{"version": "1.7.7-171114", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in UTT HiPER 810G 1.7.7-171114. This affects the function strcpy of the file /goform/ConfigExceptAli. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "baseSeverity": "HIGH"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 9, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-02-20T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-02-20T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-02-20T21:13:11.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "smitug01 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.347213", "name": "VDB-347213 | UTT HiPER 810G ConfigExceptAli strcpy buffer overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.347213", "name": "VDB-347213 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.755113", "name": "Submit #755113 | UTT HiPER 810G v3v1.7.7-171114 Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://vuln.ricky.place/UTT/HiPER%20810G/", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-26T16:21:38.719655Z", "id": "CVE-2026-2904", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T16:21:49.621Z"}}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:utt:810g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EACA25AC-9976-4066-A6C6-6C2CA6D37BE3", "versionEndIncluding": "1.7.7-171114", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:utt:810g:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C6B1A13-F7CD-422E-A90E-8020D076FC4A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in UTT HiPER 810G 1.7.7-171114. This affects the function strcpy of the file /goform/ConfigExceptAli. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en UTT HiPER 810G 1.7.7-171114 que afecta a la funci\u00f3n strcpy del archivo /goform/ConfigExceptAli. Su ejecuci\u00f3n si ha sido manipulado puede provocar un desbordamiento de b\u00fafer. El ataque puede ser lanzado en remoto. El exploit ha sido divulgado p\u00fablicamente y puede ser utilizado."}], "id": "CVE-2026-2904", "lastModified": "2026-02-24T17:49:09.663", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-02-22T01:16:00.797", "references": [{"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.347213"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.347213"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.755113"}, {"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://vuln.ricky.place/UTT/HiPER%20810G/"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-120"}], "source": "cna@vuldb.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.7.7-171114"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "HiPER 810G", "source": "cna", "vendor": "UTT"}, "product": "hiper_810g", "vendor": "utt"}], "analysis": {"en": {"generated_at": "2026-04-18T11:14:59.946785+00:00", "value": {"mitigation_remediation": ["Install the latest UTT HiPER 810G firmware that fixes the unsafe strcpy usage in the ConfigExceptAli endpoint.", "If a firmware update is unavailable, block or disable external access to the device\u2019s web interface, particularly the /goform/ConfigExceptAli endpoint, to limit remote exploitation.", "Place the device within a segregated network segment and apply firewall rules that restrict traffic to trusted hosts only.", "Monitor device logs for unexpected activity related to the ConfigExceptAli interface and review for signs of potential exploitation attempts."], "summary": {"action": "Apply Patch", "impact": "Unsafe strcpy buffer overflow in ConfigExceptAli endpoint"}, "threat_synthesis": {"affected_systems": "The vulnerability is documented for UTT HiPER 810G firmware version 1.7.7\u2011171114. No other firmware versions are listed as affected in the available information.", "description_and_impact": "The flaw is a classic buffer overflow caused by the use of an unsafe strcpy function in the /goform/ConfigExceptAli interface of the UTT HiPER 810G firmware. The copying operation can overwrite adjacent memory, potentially corrupting internal data structures. The CVE description does not assert arbitrary code execution; however, such overflows can lead to undefined behavior, including possible crashes, data loss, or other forms of memory corruption that could impact device availability and the integrity of its configuration.", "risk_and_exploitability": "The CVSS score of 8.7 signals a high severity risk. The EPSS score is less than 1%, indicating a very low probability of exploitation at present. The issue is not included in CISA's KEV catalog. The description states that the attack can be launched remotely, likely through the device's web management interface at /goform/ConfigExceptAli. An attacker would need network connectivity to the device, and the vulnerability may be exploitable with or without authentication, depending on the interface\u2019s protection mechanisms."}}}}, "created": "2026-02-23T14:29:47.618874+00:00", "updated": "2026-04-18T11:15:35.920507+00:00", "vendors": ["utt", "utt$PRODUCT$hiper_810g"]}