Skip to main content

UTT nv518G CVE-2026-52189

HIGH
Classic Buffer Overflow (CWE-120)
2026-07-02 mitre
7.5
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
7.5 HIGH

Unauthenticated network-reachable crash via HTTP management interface (AV:N/AC:L/PR:N/UI:N); impact is availability-only denial of service with no confidentiality or integrity effect.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (mitre).

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Analysis Generated
Jul 06, 2026 - 16:26 vuln.today
CVSS changed
Jul 06, 2026 - 16:22 NVD
7.5 (HIGH)
CVE Published
Jul 02, 2026 - 00:00 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_487330 component

AnalysisAI

Denial of service in the UTT nv518G security gateway/router (firmware nv518GV3v3.2.7-210919-161313) lets remote attackers crash the device by triggering a buffer overflow in the gohead web-management component's sub_487330 (FUN_00487330) function. The CVSS vector indicates unauthenticated network exploitation with availability-only impact, EPSS is low at 0.22% (13th percentile), and no active exploitation is recorded, though a public technical write-up of the flawed function exists on GitHub.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach gohead management interface
Delivery
Send oversized crafted HTTP request
Exploit
Overflow buffer in sub_487330
Execution
Crash gateway service
Impact
Denial of service for downstream users

Vulnerability AssessmentAI

Exploitation Exploitation requires network access to the device's gohead HTTP management interface and the ability to send a request that reaches the sub_487330/FUN_00487330 code path; per the CVSS vector (AV:N/AC:L/PR:N/UI:N) no authentication or user interaction is needed. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are consistent but modest: the CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N, A:H, C:N/I:N) describes an easy, unauthenticated, network-reachable crash with no confidentiality or integrity impact, yielding 7.5 (High) driven purely by availability. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with network reachability to the nv518G management interface sends a crafted oversized HTTP request that reaches the sub_487330 handler in the gohead daemon, overflowing an unchecked buffer and crashing the service. This knocks the gateway offline, disrupting connectivity for everyone behind it; a public GitHub write-up documenting the vulnerable function could aid reproduction, though no confirmed weaponized exploit is listed.
Remediation No vendor-released patched firmware version is identified at time of analysis; check the UTT download center (https://utt.com.cn/downloadcenter.php?filetypeid=3&model=518G&lang=zhcn) for firmware later than nv518GV3v3.2.7-210919-161313 and apply it once published. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all UTT nv518G devices running firmware nv518GV3v3.2.7-210919-161313 or similar versions; restrict network access to the management interface (gohead component) via firewall rules to trusted administrative networks only. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More in N A

View all
CVE-2026-31072 CRITICAL POC
9.8 May 19

Remote code execution in APScheduler (all versions through 3.10.x and 4.0.0a5) is achievable when applications deseriali

CVE-2026-36356 CRITICAL POC
9.1 May 05

Unauthenticated remote OS command injection in MeiG Smart FORGE_SLT711 cellular gateway firmware MDM9607.LE.1.0-00110-ST

CVE-2026-31071 CRITICAL POC
9.1 May 19

Unauthenticated API access in LalanaChami Pharmacy Management System (commit 5c3d028) allows remote attackers to dump al

CVE-2025-66391 HIGH POC
8.8 Jun 17

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write o

CVE-2026-26740 HIGH POC
8.2 Mar 18

Giflib 5.2.2 contains a buffer overflow in the EGifGCBToExtension function that fails to validate allocated memory when

CVE-2025-60464 HIGH POC
7.8 Jun 25

Denial of service in GPAC's MP4Box multimedia tool (versions before 26.02.0) arises from a use-after-free in the gf_sei_

CVE-2026-36355 HIGH POC
7.7 May 05

Arbitrary kernel memory read/write in Realtek rtl819x Jungle SDK Wi-Fi driver allows local unprivileged attackers to acc

CVE-2025-60474 HIGH POC
7.5 Jun 24

Denial of service in GPAC's MP4Box/libgpac media importer (versions before 26.02.0) lets an attacker crash the tool by s

CVE-2026-38639 HIGH POC
7.5 Jun 26

An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of S

CVE-2026-38641 HIGH POC
7.5 Jun 26

Denial of service in relibc (the Redox OS C standard library) at commit 61f42d allows attackers to crash a process by ge

CVE-2026-38637 HIGH POC
7.5 Jun 25

An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of S

CVE-2026-38640 HIGH POC
7.5 Jun 25

Denial of service in relibc (the Redox OS C standard library implementation, commit 61f42d) lets attackers crash a proce

Share

CVE-2026-52189 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy