What is the CVSS score of EUVD-2026-19263?

EUVD-2026-19263 has a CVSS 3.1 base score of 4.5 (Medium). CVSS vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.0%.

520w Firmware EUVD-2026-19263

| CVE-2026-31065 MEDIUM

Classic Buffer Overflow (CWE-120)

2026-04-06 cve@mitre.org

GHSA-pq4m-hq9c-2vrf

Denial Of Service Buffer Overflow 520w Firmware

4.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

4.5 MEDIUM

AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Apr 06, 2026 - 15:22 euvd

EUVD-2026-19263

Analysis Generated

Apr 06, 2026 - 15:22 vuln.today

CVE Published

Apr 06, 2026 - 15:17 nvd

MEDIUM 4.5

DescriptionCVE.org

UTT Aggressive 520W v3v1.7.7-180627 was discovered to contain a buffer overflow in the addCommand parameter of the formConfigCliForEngineerOnly function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

AnalysisAI

Buffer overflow in UTT Aggressive 520W v3 firmware version 1.7.7-180627 allows authenticated high-privilege attackers to cause denial of service by supplying crafted input to the addCommand parameter of the formConfigCliForEngineerOnly function. The vulnerability requires administrative-level access and local network connectivity, limiting real-world attack surface despite the buffer overflow class of vulnerability.

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	The CVSS v3.1 score of 4.5 with vector AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H reflects low-to-moderate real-world risk despite the buffer overflow class. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An authenticated administrator with high privilege access on the same local network segment connects to the UTT Aggressive 520W v3 device (via web interface or CLI) and submits a crafted, oversized payload in the addCommand parameter to the formConfigCliForEngineerOnly function. The application fails to validate input length and copies the attacker-supplied data into a fixed-size buffer, corrupting adjacent memory. …
Remediation	Contact UTT (Universal Telemetry Technologies or equivalent vendor) for a patched firmware version addressing CVE-2026-31065. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

EUVD-2026-19263 vulnerability details – vuln.today

Back

520w Firmware EUVD-2026-19263

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Vulnerability AssessmentAI

Share

External POC / Exploit Code