Primary

Context

UTT HiPER Buffer Overflow Vulnerability in the formUser Function

Vulnerability

A buffer overflow vulnerability has been identified in UTT HiPER models 1200GW, versions up to 2.5.3-1703. The issue arises in the formUser function, where improper use of the strcpy function creates the potential for a buffer overflow. This vulnerability can be exploited remotely.

Impact

Exploitation of this vulnerability leads to a buffer overflow, which can commonly result in arbitrary code execution or causing a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by sending a crafted request to the /goform/formUser endpoint. The request must include a payload that exceeds the buffer size, taking advantage of the vulnerable strcpy function. This can be done using a variety of tools or scripts that automate the process of sending such requests.

Added: May 1, 2026, 12:18 AM

Updated: May 1, 2026, 12:18 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

8.7

remediation

0.0

relevance

7.2

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

8.7

remediation

0.0

relevance

7.2

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

UTT HiPER Buffer Overflow Vulnerability in the formUser Function

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating