Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionCVE.org
A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. The impacted element is an unknown function of the file /goform/formRemoteControl. The manipulation of the argument Profile results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.
AnalysisAI
Stack-based buffer overflow in UTT HiPER 1250GW router (versions up to 3.2.7-210907-180535) allows authenticated remote attackers to achieve arbitrary code execution with high integrity and availability impact via malformed Profile parameter in /goform/formRemoteControl endpoint. Publicly available exploit code exists. CVSS 8.8 reflects network accessibility with low attack complexity, though authentication requirement (PR:L) moderately reduces immediate exploit surface. No CISA KEV listing indicates exploitation remains proof-of-concept stage rather than widespread campaign activity.
Technical ContextAI
This vulnerability stems from improper input validation in the web management interface of UTT HiPER 1250GW routers, a networking device likely targeting small-to-medium enterprise deployments. The affected endpoint /goform/formRemoteControl processes user-supplied Profile parameter data without adequate bounds checking, triggering CWE-121 (stack-based buffer overflow). Stack overflows occur when unchecked input exceeds allocated buffer space in stack memory, enabling attackers to overwrite return addresses and control program execution flow. The CPE identifier cpe:2.3:a:utt:hiper_1250gw:*:*:*:*:*:*:*:* confirms this affects UTT's HiPER 1250GW product line. Web-based configuration interfaces in embedded routers frequently use form handlers (goform paths) for administrative tasks, making them high-value targets when authentication can be bypassed or credentials compromised through phishing, default passwords, or credential stuffing.
RemediationAI
No vendor-released patch identified at time of analysis based on provided reference data. VulDB entries (https://vuldb.com/vuln/355297) serve as disclosure records but do not reference UTT security bulletins or firmware updates addressing CVE-2026-5544. Organizations operating affected UTT HiPER 1250GW routers should immediately implement compensating controls: restrict administrative interface access to trusted management VLANs using firewall rules or access control lists, disable WAN-side management interface exposure entirely, enforce strong authentication with complex passwords and account lockout policies, deploy network segmentation to limit lateral movement if device compromise occurs, and implement intrusion detection signatures monitoring for /goform/formRemoteControl exploitation attempts. Contact UTT technical support directly to inquire about remediation timelines and potential beta firmware addressing this issue. Monitor UTT's official support channels and the VulDB entries for patch availability updates. Given the severity and public exploit availability, consider replacing affected devices with alternative vendor solutions if patching timelines extend beyond organizational risk tolerance, particularly for internet-facing deployments.
More in Hiper 1250Gw
View allStack-based buffer overflow in the UTT HiPER 1250GW SOHO router (firmware through 3.2.7-210907-180535) lets a network-ad
A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of th
A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of
A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function st
Buffer overflow in UTT HiPER 1250GW router firmware (versions ≤3.2.7-210907-180535) allows authenticated remote attacker
Buffer overflow in UTT HiPER 1250GW firmware versions up to 3.2.7-210907-180535 allows authenticated remote attackers to
Remote code execution in UTT HiPER 1250GW firmware versions up to 3.2.7 allows authenticated attackers to overflow a buf
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-19038