{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6186", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-13T08:33:39.778Z", "datePublished": "2026-04-13T15:15:11.716Z", "dateUpdated": "2026-04-14T19:37:43.525Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-13T15:15:11.716Z"}, "title": "UTT HiPER 1200GW formNatStaticMap strcpy buffer overflow", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "Buffer Overflow"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "UTT", "product": "HiPER 1200GW", "versions": [{"version": "2.5.3-170306", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerability affects the function strcpy of the file /goform/formNatStaticMap. The manipulation of the argument NatBind leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "baseSeverity": "HIGH"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 9, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-13T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-13T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-13T10:38:44.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "QMSSDXN (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/vuln/357108", "name": "VDB-357108 | UTT HiPER 1200GW formNatStaticMap strcpy buffer overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/357108/cti", "name": "VDB-357108 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/797304", "name": "Submit #797304 | UTT HiPER 1200GW <=v2.5.3-170306 Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/lin-3-start/lin-cve/blob/main/Amao/1.md", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-6186", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T19:33:49.505175Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T19:37:43.525Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-6186", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T19:33:49.505175Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T19:35:50.608Z"}}], "cna": {"title": "UTT HiPER 1200GW formNatStaticMap strcpy buffer overflow", "credits": [{"lang": "en", "type": "reporter", "value": "QMSSDXN (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 9, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "UTT", "product": "HiPER 1200GW", "versions": [{"status": "affected", "version": "2.5.3-170306"}]}], "timeline": [{"lang": "en", "time": "2026-04-13T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-13T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-13T10:38:44.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/357108", "name": "VDB-357108 | UTT HiPER 1200GW formNatStaticMap strcpy buffer overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/357108/cti", "name": "VDB-357108 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/797304", "name": "Submit #797304 | UTT HiPER 1200GW <=v2.5.3-170306 Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/lin-3-start/lin-cve/blob/main/Amao/1.md", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerability affects the function strcpy of the file /goform/formNatStaticMap. The manipulation of the argument NatBind leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Memory Corruption"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-13T15:15:11.716Z"}}}, "cveMetadata": {"cveId": "CVE-2026-6186", "state": "PUBLISHED", "dateUpdated": "2026-04-14T19:37:43.525Z", "dateReserved": "2026-04-13T08:33:39.778Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-13T15:15:11.716Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerability affects the function strcpy of the file /goform/formNatStaticMap. The manipulation of the argument NatBind leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used."}], "id": "CVE-2026-6186", "lastModified": "2026-04-22T20:23:16.350", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-13T16:16:35.827", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/lin-3-start/lin-cve/blob/main/Amao/1.md"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/797304"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/357108"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/357108/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-120"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2.5.3-170306"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "hiper_1200gw", "vendor": "utt"}], "analysis": {"en": {"generated_at": "2026-04-13T16:22:44.651080+00:00", "value": {"mitigation_remediation": ["Upgrade the UTT HiPER 1200GW firmware to a version newer than 2.5.3\u2011170306 where the strcpy issue is fixed.", "If an immediate firmware upgrade is not possible, block or limit external access to the /goform/formNatStaticMap endpoint using a firewall or network segmentation.", "Continuously monitor device logs and configuration for any signs of unauthorized activity or exploitation attempts."], "summary": {"action": "Immediate Patch", "impact": "Remote Buffer Overflow leading to possible code execution"}, "threat_synthesis": {"affected_systems": "The flaw affects all UTT HiPER 1200GW appliances running firmware versions up to 2.5.3\u2011170306. Devices manufactured or sold by UTT under the HiPER 1200GW line are impacted. No other vendors or versions are explicitly listed. The attack vector is remote, as the vulnerable endpoint is accessible over the management interface.", "description_and_impact": "The vulnerability is a classic buffer overflow in the strcpy implementation within the formNatStaticMap handler. By providing a specially crafted NatBind argument, an attacker can overflow the fixed\u2011size buffer, corrupting adjacent memory. Depending on the firmware\u2019s memory layout, this could allow arbitrary code execution or destabilize the device, potentially exposing sensitive configuration or control. The weakness is a classic stack buffer overflow (CWE\u2011119) and related to unsafe string handling (CWE\u2011120).", "risk_and_exploitability": "The CVSS base score is 8.7, indicating high severity. EPSS data is unavailable, but public disclosures and code are already available, implying the exploit is likely to be used by malicious actors. Because the vulnerability is remote and the exploit can be crafted with standard tools, the operational risk is high for any exposed HiPER 1200GW device. KEV does not list it, but the public presence suggests a real threat."}}}}, "created": "2026-04-14T16:19:04.688618+00:00", "updated": "2026-04-14T16:34:13.108929+00:00", "vendors": ["utt", "utt$PRODUCT$hiper_1200gw"]}