Severity by source
AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionCVE.org
UTT Aggressive HiPER 810G v3v1.7.7-171114 was discovered to contain a buffer overflow in the notes parameter of the formGroupConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
AnalysisAI
Buffer overflow in UTT Aggressive HiPER 810G v3 version 1.7.7-171114 within the notes parameter of the formGroupConfig function enables authenticated administrators to trigger a denial of service condition through a crafted input. The vulnerability requires high-privilege access and cannot result in code execution, but represents a threat to device availability. No public exploit code has been independently confirmed, and this CVE does not appear on the CISA KEV catalog at time of analysis.
Technical ContextAI
The vulnerability is a classic stack or heap buffer overflow (CWE-120) in a web-accessible configuration function. The formGroupConfig function fails to properly validate the length of the notes parameter before copying user-supplied data into a fixed-size buffer, allowing an authenticated administrator to write beyond buffer boundaries. This memory corruption triggers a denial of service condition on the UTT Aggressive HiPER 810G device, which is a network appliance or telecommunications equipment. The affected product is identified via CPE pattern for UTT devices running firmware version 1.7.7-171114.
RemediationAI
Contact UTT support or monitor the vendor's security advisory at https://nvd.nist.gov/vuln/detail/CVE-2026-31060 for availability of a firmware patch. Interim mitigation includes restricting administrative access to the formGroupConfig function and limiting network-adjacent access to the device's web interface through network segmentation and firewall rules. If a patched firmware version is released, apply it as soon as possible to all affected HiPER 810G v3 devices. Until a patch is available, monitor device logs for errors related to configuration management and enforce the principle of least privilege for administrative accounts.
More in 810g Firmware
View allRemote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 allows authenticated attackers to achieve
Remote code execution in UTT HiPER 810G firmware versions up to 1.7.7-171114 allows authenticated attackers to achieve f
Buffer overflow in UTT HiPER 810G firmware versions up to 1.7.7-171114 allows authenticated remote attackers to achieve
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-1711 allows authenticated remote attackers to exe
Unauthenticated remote attackers can achieve complete system compromise through a buffer overflow in the UTT HiPER 810G
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-1711 via a buffer overflow in the /goform/formApM
Unauthenticated remote attackers can achieve complete system compromise (code execution, data theft, and denial of servi
Remote code execution in UTT HiPER 810G firmware up to version 1.7.7-171114 through a stack buffer overflow in the DNS f
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 stems from an unsafe strcpy operation in t
A buffer overflow in the NTP configuration handler of UTT HiPER 810G firmware versions up to 1.7.7-171114 enables authen
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 allows unauthenticated attackers to overfl
Buffer overflow in UTT HiPER 810G firmware versions up to 1.7.7-1711 allows remote attackers with high privileges to exe
Same weakness CWE-120 – Classic Buffer Overflow
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-19255
GHSA-495h-3r6f-j5gc