Description
UTT Aggressive HiPER 810G v3v1.7.7-171114 was discovered to contain a buffer overflow in the notes parameter of the formGroupConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Published: 2026-04-06
Score: 4.5 Medium
EPSS: n/a
KEV: No
Impact: Denial of Service
Action: Assess Impact
AI Analysis

Impact

The vulnerability is a buffer overflow in the notes parameter of the formGroupConfig function, allowing an attacker to supply crafted input that overflows a buffer and crashes the device, resulting in a denial of service. No code execution or privilege escalation is described.

Affected Systems

UTT Aggressive HiPER 810G version 3v1.7.7-171114 is affected. No additional vendor or product coverage is specified in the CVE report.

Risk and Exploitability

EPSS information is not available and the vulnerability is not listed in CISA’s KEV catalog. The CVSS score is not provided, so the documented severity is unknown. Based on the description, the likely attack vector involves a remote client that submits a malicious notes payload to the formGroupConfig interface. If the function is exposed over a network, an attacker could trigger the overflow and disrupt service without needing local privileges. The risk is considered moderate to high if the endpoint is accessible but mitigatable through input validation or firmware updates.

Generated by OpenCVE AI on April 6, 2026 at 17:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Verify whether a newer firmware version of UTT Aggressive HiPER 810G that addresses the buffer overflow exists and apply the update if available.
  • If updating is not possible, restrict or disable access to the formGroupConfig endpoint or the notes field in configuration to prevent malicious input.
  • Implement robust input validation on the notes parameter to enforce strict length limits before copying data into a buffer.
  • Deploy an application‑layer firewall or intrusion detection solution to detect and block anomalous payloads targeting the affected API.
  • Continuously monitor system logs for unexpected crashes or service disruptions, and apply patches as soon as they are released.

Generated by OpenCVE AI on April 6, 2026 at 17:28 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 07 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Title Buffer Overflow in UTT Aggressive HiPER 810G Leading to Denial of Service
First Time appeared Utt
Utt hiper 810g
Weaknesses CWE-119
CWE-120
CWE-787
Vendors & Products Utt
Utt hiper 810g
Metrics cvssV3_1

{'score': 4.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 06 Apr 2026 15:30:00 +0000

Type Values Removed Values Added
Description UTT Aggressive HiPER 810G v3v1.7.7-171114 was discovered to contain a buffer overflow in the notes parameter of the formGroupConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
References

Subscriptions

Utt Hiper 810g
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-06T19:50:08.822Z

Reserved: 2026-03-09T00:00:00.000Z

Link: CVE-2026-31060

cve-icon Vulnrichment

Updated: 2026-04-06T19:49:56.825Z

cve-icon NVD

Status : Received

Published: 2026-04-06T15:17:08.330

Modified: 2026-04-06T20:16:22.373

Link: CVE-2026-31060

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-06T21:47:56Z

Weaknesses