CVE-2026-2847

High CVSS: 7.3

A vulnerability was detected in UTT HiPER 520 1.7.7-160105. Affected is the function sub_44EFB4 of the file /goform/formReleaseConnect of the component Web Management Interface. The manipulation of the argument Isp_Name results in os command injection. The attack can be launched remotely. The exploit is now public and may be used.

Vendor

Utt

Product

520 Firmware

CWE

CWE-77

Yayın Tarihi

2026-02-20 16:22:45

Güncelleme

2026-02-24 15:25:09

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-77 520 Firmware HIGH Utt 2026

Referanslar

https://github.com/cha0yang1/UTT520CVE/blob/main/UTTRCE2.md https://vuldb.com/?ctiid.347083 https://vuldb.com/?id.347083 https://vuldb.com/?submit.753965

Benzer Kayıtlar

High

CVE-2026-3815

A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/…

High

CVE-2026-3814

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected by this issue is the function strcpy of…

High

CVE-2026-3700

A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform…

High

CVE-2026-3699

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This impacts the function strcpy of the file /…

High

CVE-2026-3698

A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affects the function strcpy of the file /gofor…

High

CVE-2026-3016

A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. The affected element is the function strcpy of the…