Multiple Buffer Overflows Expose UTT HiPER 1250GW Routers to Remote Exploitation
Three high-severity vulnerabilities have been disclosed in UTT HiPER 1250GW devices running versions up to 3.2.7-210907-180535, exposing the routers to remote buffer overflow attacks. The flaws, tracked as CVE-2026-7418, CVE-2026-7419, and CVE-2026-7420, affect strcpy handling in the route/goform/NTP, route/goform/formTaskEdit_ap, and route/goform/ConfigAdvideo components respectively. In each case, an attacker can manipulate the Profile argument to trigger memory corruption.
The vulnerabilities are described as remotely exploitable with low attack complexity and low privileges, and public exploit code is already available. All three CVEs carry high impact ratings across confidentiality, integrity, and availability, and are mapped to CWE-119 and CWE-120, indicating improper bounds handling and classic stack-based buffer overflow conditions. The disclosures point to a broad input-validation weakness in the device web management interface that could enable compromise of affected routers.
Timeline
Apr 29, 2026
Public exploit availability was disclosed for the UTT flaws
The disclosures stated that public exploit code was available for the three UTT HiPER 1250GW vulnerabilities. The CVE entries also classified the issues under CWE-119 and CWE-120 and assigned high-impact CVSS scores across multiple versions.
Apr 29, 2026
Three UTT HiPER 1250GW buffer overflow CVEs were recorded
On April 29, 2026, CVE-2026-7418, CVE-2026-7419, and CVE-2026-7420 were recorded for UTT HiPER 1250GW devices up to version 3.2.7-210907-180535. The flaws affect strcpy handling in the NTP, formTaskEdit_ap, and ConfigAdvideo components, enabling remotely exploitable buffer overflows via manipulation of the Profile argument.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Sources
Related Stories
Publicly Exploitable Buffer Overflow Flaws Disclosed in UTT HiPER Gateway Routers
Two high-severity vulnerabilities have been disclosed in UTT HiPER gateway routers, affecting the **HiPER 1250GW** and **HiPER 1200GW** product lines. The flaws, tracked as `CVE-2026-5566` and `CVE-2026-6186`, are buffer overflows in the `strcpy` handling of the `/goform/formNatStaticMap` component. In both cases, an attacker can manipulate the `NatBind` argument to trigger the overflow on vulnerable firmware versions, including HiPER 1250GW up to `3.2.7-210907-180535` and HiPER 1200GW up to `2.5.3-170306`. The vulnerabilities are described as **remotely exploitable** with **low attack complexity**, and public exploit disclosure has already been noted for both issues, raising the risk of real-world abuse. The CVE records map the flaws to `CWE-119` and `CWE-120`, indicating classic memory-safety failures with potential impact on confidentiality, integrity, and availability. Organizations using affected UTT devices should urgently identify exposed systems, review vendor advisories and referenced technical details, and prioritize remediation or compensating controls for internet-accessible management interfaces.
2 weeks ago
Remote Buffer Overflows Disclosed in UTT HiPER 1200GW and 1250GW Routers
Two high-severity vulnerabilities have been disclosed in **UTT HiPER** router products, affecting **HiPER 1200GW** devices up to version `2.5.3-170306` and **HiPER 1250GW** devices up to version `3.2.7-210907-180535`. The flaws were assigned **`CVE-2026-4487`** and **`CVE-2026-4488`** and are both described as remotely exploitable buffer overflows tied to unsafe use of the `strcpy` function, with impact spanning confidentiality, integrity, and availability. `CVE-2026-4487` affects the `/goform/websHostFilter` component on the HiPER 1200GW, while `CVE-2026-4488` affects `/goform/setSysAdm` on the HiPER 1250GW, where manipulation of the `GroupName` argument can trigger the overflow. The issues are mapped to **`CWE-119`** and **`CWE-120`**, and public exploit disclosure has been noted for both, increasing the urgency for organizations using these devices to identify exposed systems and prioritize remediation or compensating controls.
1 months ago
Stack-Based Overflows in Tenda FH451 and FH1201 Routers Expose Remote Attack Path
Two high-severity vulnerabilities have been disclosed in Tenda router firmware, affecting **FH451 `1.0.0.9`** and **FH1201 `1.2.0.14(408)`**. The flaws, tracked as **`CVE-2026-4535`** and **`CVE-2026-5045`**, are stack-based buffer overflows in the `WrlclientSet` function exposed through the `/goform/WrlclientSet` endpoint. In both cases, an attacker can trigger the issue by manipulating the `GO` argument, creating a remotely reachable attack path against the devices' web management interface. Both CVEs are classified under **`CWE-119`** and **`CWE-121`**, and published scoring indicates high impact to **confidentiality, integrity, and availability**, with some vectors rating the flaws at critical severity. Public exploit information is already available for both issues, raising the risk of real-world exploitation against unpatched internet-exposed routers and embedded deployments using the affected firmware.
1 months ago