Skip to main content

Hiper 1250Gw CVE-2026-5544

| EUVDEUVD-2026-19038 HIGH
Stack-based Buffer Overflow (CWE-121)
2026-04-05 VulDB
7.4
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.4 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

5
Re-analysis Queued
Apr 24, 2026 - 18:22 vuln.today
cvss_changed
PoC Detected
Apr 07, 2026 - 13:20 vuln.today
Public exploit code
EUVD ID Assigned
Apr 05, 2026 - 05:30 euvd
EUVD-2026-19038
Analysis Generated
Apr 05, 2026 - 05:30 vuln.today
CVE Published
Apr 05, 2026 - 04:45 nvd
HIGH 7.4

DescriptionCVE.org

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. The impacted element is an unknown function of the file /goform/formRemoteControl. The manipulation of the argument Profile results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.

AnalysisAI

Stack-based buffer overflow in UTT HiPER 1250GW router (versions up to 3.2.7-210907-180535) allows authenticated remote attackers to achieve arbitrary code execution with high integrity and availability impact via malformed Profile parameter in /goform/formRemoteControl endpoint. Publicly available exploit code exists. CVSS 8.8 reflects network accessibility with low attack complexity, though authentication requirement (PR:L) moderately reduces immediate exploit surface. No CISA KEV listing indicates exploitation remains proof-of-concept stage rather than widespread campaign activity.

Technical ContextAI

This vulnerability stems from improper input validation in the web management interface of UTT HiPER 1250GW routers, a networking device likely targeting small-to-medium enterprise deployments. The affected endpoint /goform/formRemoteControl processes user-supplied Profile parameter data without adequate bounds checking, triggering CWE-121 (stack-based buffer overflow). Stack overflows occur when unchecked input exceeds allocated buffer space in stack memory, enabling attackers to overwrite return addresses and control program execution flow. The CPE identifier cpe:2.3:a:utt:hiper_1250gw:*:*:*:*:*:*:*:* confirms this affects UTT's HiPER 1250GW product line. Web-based configuration interfaces in embedded routers frequently use form handlers (goform paths) for administrative tasks, making them high-value targets when authentication can be bypassed or credentials compromised through phishing, default passwords, or credential stuffing.

RemediationAI

No vendor-released patch identified at time of analysis based on provided reference data. VulDB entries (https://vuldb.com/vuln/355297) serve as disclosure records but do not reference UTT security bulletins or firmware updates addressing CVE-2026-5544. Organizations operating affected UTT HiPER 1250GW routers should immediately implement compensating controls: restrict administrative interface access to trusted management VLANs using firewall rules or access control lists, disable WAN-side management interface exposure entirely, enforce strong authentication with complex passwords and account lockout policies, deploy network segmentation to limit lateral movement if device compromise occurs, and implement intrusion detection signatures monitoring for /goform/formRemoteControl exploitation attempts. Contact UTT technical support directly to inquire about remediation timelines and potential beta firmware addressing this issue. Monitor UTT's official support channels and the VulDB entries for patch availability updates. Given the severity and public exploit availability, consider replacing affected devices with alternative vendor solutions if patching timelines extend beyond organizational risk tolerance, particularly for internet-facing deployments.

Share

CVE-2026-5544 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy