Primary

Context

UTT HiPER 810G Buffer Overflow Vulnerability in the setSysAdm Function

Vulnerability

A buffer overflow vulnerability has been identified in the UTT HiPER 810G router, in firmware versions through 1.7.7-1711. The issue arises in the /goform/setSysAdm file, where the strcpy function is used to copy data from the passwd1 parameter into a memory location without proper size validation. This vulnerability can be exploited remotely, leading to potential buffer overflow attacks and denial-of-service conditions.

Impact

Exploitation of this vulnerability causes a buffer overflow, which can lead to arbitrary code execution or a denial-of-service condition on the device.

Reproduction

The vulnerability can be reproduced by sending a POST request to the /goform/setSysAdm endpoint. The request must include a Digest authorization header. The passwd1 parameter should be populated with a large amount of data, which will overflow the buffer and into adjacent memory.

Added: Feb 23, 2026, 9:19 AM

Updated: Feb 23, 2026, 9:19 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.0

remediation

0.0

relevance

3.1

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.0

remediation

0.0

relevance

3.1

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

UTT HiPER 810G Buffer Overflow Vulnerability in the setSysAdm Function

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating