Primary

Context

UTT HiPER Buffer Overflow Vulnerability in DNS Filter Configuration

Vulnerability

A buffer overflow vulnerability has been identified in UTT HiPER version 2610G, up to 3.0.0-171107. The issue arises in the 'strcpy' function within the '/goform/formConfigDnsFilterGlobal' file. By manipulating the 'GroupName' argument, an attacker can exploit this vulnerability remotely. The exploit has been publicly disclosed and may be actively used.

Impact

Exploitation of this vulnerability leads to a buffer overflow, which can commonly result in arbitrary code execution or causing a crash.

Reproduction

To reproduce this vulnerability, send a crafted request to the '/goform/formConfigDnsFilterGlobal' endpoint, manipulating the 'GroupName' argument to trigger the buffer overflow. This can be done remotely.

Added: Jun 8, 2026, 3:54 PM

Updated: Jun 8, 2026, 3:54 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

9.3

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

9.3

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

UTT HiPER Buffer Overflow Vulnerability in DNS Filter Configuration

Vulnerability

Impact

Reproduction

Affected Products

UTT HiPER 2610G

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating