810g Firmware
Monthly
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-1711 via a buffer overflow in the /goform/formApMail handler allows authenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at elevated risk. The attack requires network access but no user interaction, making it a significant threat to organizations using this device.
Unauthenticated remote attackers can achieve complete system compromise (code execution, data theft, and denial of service) against UTT HiPER 810G firmware versions up to 1.7.7-1711 through a buffer overflow in the /goform/getOneApConfTempEntry endpoint. Public exploit code is available and actively being leveraged in attacks. No patch is currently available for affected devices.
Remote code execution in UTT HiPER 810G firmware up to version 1.7.7-171114 through a stack buffer overflow in the DNS filter configuration function allows authenticated attackers to execute arbitrary commands with full system privileges. Public exploit code is available for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring organizations to implement network-level mitigations or device replacement until a fix is released.
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 stems from an unsafe strcpy operation in the /goform/formRemoteControl function that enables unauthenticated attackers to trigger a buffer overflow. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
A buffer overflow in the NTP configuration handler of UTT HiPER 810G firmware versions up to 1.7.7-171114 enables authenticated remote attackers to achieve complete system compromise through memory corruption. Public exploit code exists for this vulnerability, and no patch is currently available. Affected devices face immediate risk of remote code execution with high privileges from any authenticated user.
Remote code execution in UTT HiPER 810G firmware versions up to 1.7.7-171114 allows authenticated attackers to achieve full system compromise through a buffer overflow in the P2P limit configuration function. The vulnerability exists due to unsafe use of strcpy() in the /goform/formP2PLimitConfig endpoint and is exploitable over the network with public exploit code currently available. No patch has been released, making this a critical risk for deployed devices.
Buffer overflow in UTT HiPER 810G firmware versions up to 1.7.7-171114 allows authenticated remote attackers to achieve code execution by supplying an oversized GroupName parameter to the /goform/formPolicyRouteConf endpoint. Public exploit code exists for this vulnerability and no patch is currently available.
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-1711 allows authenticated remote attackers to execute arbitrary code by exploiting a buffer overflow in the /goform/formTaskEdit_ap endpoint. An attacker can trigger the vulnerability by crafting a malicious txtMin2 parameter that overflows the strcpy function, and public exploit code exists for this flaw. No patch is currently available for affected devices.
Buffer overflow in UTT HiPER 810G firmware versions up to 1.7.7-1711 allows remote attackers with high privileges to execute arbitrary code through the passwd1 parameter in the /goform/setSysAdm function. Public exploit code exists for this vulnerability and no patch is currently available. An authenticated attacker can leverage this flaw to achieve complete system compromise with high impact on confidentiality, integrity, and availability.
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 allows unauthenticated attackers to overflow a buffer via the remark parameter in the /goform/ConfigExceptMSN endpoint. Public exploit code is available and no patch has been released, creating immediate risk for exposed devices.
Unauthenticated remote attackers can achieve complete system compromise through a buffer overflow in the UTT HiPER 810G firmware's /goform/ConfigExceptAli endpoint via unsafe string handling. Public exploit code is available for this vulnerability, increasing exploitation risk for unpatched devices. The flaw requires only network access and affects firmware version 1.7.7-171114 with no patch currently available.
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 allows authenticated attackers to achieve full system compromise via a buffer overflow in the Management Interface firewall configuration function. Public exploit code exists for this vulnerability, and no patch is available from the vendor despite early disclosure notification. The attack requires valid credentials but can be executed over the network without user interaction.
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-1711 via a buffer overflow in the /goform/formApMail handler allows authenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at elevated risk. The attack requires network access but no user interaction, making it a significant threat to organizations using this device.
Unauthenticated remote attackers can achieve complete system compromise (code execution, data theft, and denial of service) against UTT HiPER 810G firmware versions up to 1.7.7-1711 through a buffer overflow in the /goform/getOneApConfTempEntry endpoint. Public exploit code is available and actively being leveraged in attacks. No patch is currently available for affected devices.
Remote code execution in UTT HiPER 810G firmware up to version 1.7.7-171114 through a stack buffer overflow in the DNS filter configuration function allows authenticated attackers to execute arbitrary commands with full system privileges. Public exploit code is available for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring organizations to implement network-level mitigations or device replacement until a fix is released.
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 stems from an unsafe strcpy operation in the /goform/formRemoteControl function that enables unauthenticated attackers to trigger a buffer overflow. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
A buffer overflow in the NTP configuration handler of UTT HiPER 810G firmware versions up to 1.7.7-171114 enables authenticated remote attackers to achieve complete system compromise through memory corruption. Public exploit code exists for this vulnerability, and no patch is currently available. Affected devices face immediate risk of remote code execution with high privileges from any authenticated user.
Remote code execution in UTT HiPER 810G firmware versions up to 1.7.7-171114 allows authenticated attackers to achieve full system compromise through a buffer overflow in the P2P limit configuration function. The vulnerability exists due to unsafe use of strcpy() in the /goform/formP2PLimitConfig endpoint and is exploitable over the network with public exploit code currently available. No patch has been released, making this a critical risk for deployed devices.
Buffer overflow in UTT HiPER 810G firmware versions up to 1.7.7-171114 allows authenticated remote attackers to achieve code execution by supplying an oversized GroupName parameter to the /goform/formPolicyRouteConf endpoint. Public exploit code exists for this vulnerability and no patch is currently available.
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-1711 allows authenticated remote attackers to execute arbitrary code by exploiting a buffer overflow in the /goform/formTaskEdit_ap endpoint. An attacker can trigger the vulnerability by crafting a malicious txtMin2 parameter that overflows the strcpy function, and public exploit code exists for this flaw. No patch is currently available for affected devices.
Buffer overflow in UTT HiPER 810G firmware versions up to 1.7.7-1711 allows remote attackers with high privileges to execute arbitrary code through the passwd1 parameter in the /goform/setSysAdm function. Public exploit code exists for this vulnerability and no patch is currently available. An authenticated attacker can leverage this flaw to achieve complete system compromise with high impact on confidentiality, integrity, and availability.
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 allows unauthenticated attackers to overflow a buffer via the remark parameter in the /goform/ConfigExceptMSN endpoint. Public exploit code is available and no patch has been released, creating immediate risk for exposed devices.
Unauthenticated remote attackers can achieve complete system compromise through a buffer overflow in the UTT HiPER 810G firmware's /goform/ConfigExceptAli endpoint via unsafe string handling. Public exploit code is available for this vulnerability, increasing exploitation risk for unpatched devices. The flaw requires only network access and affects firmware version 1.7.7-171114 with no patch currently available.
Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 allows authenticated attackers to achieve full system compromise via a buffer overflow in the Management Interface firewall configuration function. Public exploit code exists for this vulnerability, and no patch is available from the vendor despite early disclosure notification. The attack requires valid credentials but can be executed over the network without user interaction.