Description
Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_425994 component
Published: 2026-06-30
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The reported vulnerability is a buffer overflow in the gohead/sub_425994 component of UTT nv518G firmware that allows a remote attacker to trigger a denial of service. When a crafted input is processed, the component overflows its buffer and crashes, forcing the device to become unresponsive and requiring a reboot or manual reset to restore service. The impact is limited to loss of service availability, with no disclosed compromise of confidentiality or integrity.

Affected Systems

The affected device is the UTT nv518G series, specifically firmware versions up to nv518GV3v3.2.7-210919-161313. No other vendors or product lines are listed in the CVE data.

Risk and Exploitability

The vulnerability can be exploited remotely without authentication, and the absence of an EPSS score and KEV listing mean the exact exploitation likelihood is unknown, but any reachable instance of gohead/sub_425994 is at risk of crashing. An attacker who can reach this component over the network can send malicious packets to trigger the overflow and cause service downtime. High potential impact combined with the ease of remote exploitation makes timely remediation critical.

Generated by OpenCVE AI on July 1, 2026 at 04:43 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Verify that all UTT nv518G devices are running firmware version newer than nv518GV3v3.2.7-210919-161313 and apply any vendor-released update that addresses the buffer overflow
  • If an update is not yet available, isolate the device from untrusted networks or restrict inbound traffic to the gohead/sub_425994 service using firewall or ACL rules
  • Deploy network segmentation so that the device resides in a separate subnet with limited reachability and monitor for abnormal traffic patterns that may indicate exploitation attempts

Generated by OpenCVE AI on July 1, 2026 at 04:43 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 05:00:00 +0000

Type Values Removed Values Added
Title Buffer Overflow in UTT nv518G Firmware Allows Remote Denial of Service
Weaknesses CWE-119

Tue, 30 Jun 2026 23:15:00 +0000

Type Values Removed Values Added
Description Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_425994 component
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-30T22:45:22.803Z

Reserved: 2026-06-08T00:00:00.000Z

Link: CVE-2026-52198

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-01T04:45:05Z

Weaknesses
  • CWE-119

    Improper Restriction of Operations within the Bounds of a Memory Buffer