Impact
A stack‑based buffer overflow exists in the UTT HiPER 1250GW web endpoint /goform/ConfigWirelessBase_5g. Manipulating the ssid argument can overwrite the stack and potentially allow an attacker to execute arbitrary code. This flaw breaks confidentiality, integrity, and availability by permitting remote code execution on the device.
Affected Systems
UTT HiPER 1250GW radios with firmware versions up to 3.2.7‑210907-180535 are affected. All models running these or earlier firmware are susceptible to the vulnerability.
Risk and Exploitability
The vulnerability carries a CVSS score of 8.7, indicating high severity. EPSS information is not available, and the issue is not listed in CISA’s KEV catalog, but a public exploit has been disclosed and is actively available. Because the attack can be performed remotely via the web interface, the risk to exposed devices is significant.
OpenCVE Enrichment