CVE-2026-4488

| EUVD-2026-13727 HIGH
2026-03-20 VulDB
8.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
PoC Detected
Mar 24, 2026 - 15:54 vuln.today
Public exploit code
Analysis Generated
Mar 20, 2026 - 15:52 vuln.today
EUVD ID Assigned
Mar 20, 2026 - 15:52 euvd
EUVD-2026-13727
CVE Published
Mar 20, 2026 - 15:32 nvd
HIGH 8.8

Tags

Buffer Overflow

Description

A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected is the function strcpy of the file /goform/setSysAdm. Such manipulation of the argument GroupName leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

Analysis

Remote code execution in UTT HiPER 1250GW firmware versions up to 3.2.7 allows authenticated attackers to overflow a buffer in the /goform/setSysAdm function via a malicious GroupName parameter. Public exploit code exists for this vulnerability, and no patch is currently available. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Inventory all UTT HiPER 1250GW devices in production and restrict administrative access to the /goform/setSysAdm endpoint. Within 7 days: Isolate affected devices from sensitive network segments, disable remote administration capabilities, and implement network segmentation to limit lateral movement. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

64
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +44
POC: +20

Share

CVE-2026-4488 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy