Skip to main content

810g Firmware CVE-2026-2086

HIGH
Buffer Overflow (CWE-119)
2026-02-07 cna@vuldb.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
PoC Detected
Feb 24, 2026 - 20:05 vuln.today
Public exploit code
CVE Published
Feb 07, 2026 - 14:16 nvd
HIGH 8.8

DescriptionCVE.org

A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 allows authenticated attackers to achieve full system compromise via a buffer overflow in the Management Interface firewall configuration function. Public exploit code exists for this vulnerability, and no patch is available from the vendor despite early disclosure notification. The attack requires valid credentials but can be executed over the network without user interaction.

Technical ContextAI

Classified as CWE-119 (Buffer Overflow). Affects 810G Firmware. A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

RemediationAI

Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible. Restrict network access to the affected service where possible.

CVE-2026-3016 HIGH POC
8.8 Feb 23

Remote code execution in UTT HiPER 810G firmware versions up to 1.7.7-171114 allows authenticated attackers to achieve f

CVE-2026-3015 HIGH POC
8.8 Feb 23

Buffer overflow in UTT HiPER 810G firmware versions up to 1.7.7-171114 allows authenticated remote attackers to achieve

CVE-2026-2981 HIGH POC
8.8 Feb 23

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-1711 allows authenticated remote attackers to exe

CVE-2026-2904 HIGH POC
8.8 Feb 22

Unauthenticated remote attackers can achieve complete system compromise through a buffer overflow in the UTT HiPER 810G

CVE-2026-3815 HIGH POC
8.8 Mar 09

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-1711 via a buffer overflow in the /goform/formApM

CVE-2026-3814 HIGH POC
8.8 Mar 09

Unauthenticated remote attackers can achieve complete system compromise (code execution, data theft, and denial of servi

CVE-2026-3700 HIGH POC
8.8 Mar 08

Remote code execution in UTT HiPER 810G firmware up to version 1.7.7-171114 through a stack buffer overflow in the DNS f

CVE-2026-3699 HIGH POC
8.8 Mar 08

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 stems from an unsafe strcpy operation in t

CVE-2026-3698 HIGH POC
8.8 Mar 08

A buffer overflow in the NTP configuration handler of UTT HiPER 810G firmware versions up to 1.7.7-171114 enables authen

CVE-2026-2935 HIGH POC
7.2 Feb 22

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 allows unauthenticated attackers to overfl

CVE-2026-2980 HIGH POC
7.2 Feb 23

Buffer overflow in UTT HiPER 810G firmware versions up to 1.7.7-1711 allows remote attackers with high privileges to exe

CVE-2026-31066 MEDIUM
4.5 Apr 06

Buffer overflow in UTT Aggressive HiPER 810G v3 v1.7.7-171114 formTaskEdit function allows authenticated administrators

Share

CVE-2026-2086 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy