A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
PUBLISHED5.2CWE-120CWE-119
UTT HiPER 810G Management formFireWall strcpy buffer overflow
Problem type
Affected products
UTT
HiPER 810G
1.7.7-171114 - AFFECTED
References
VDB-344653 | UTT HiPER 810G Management formFireWall strcpy buffer overflow
https://vuldb.com/?id.344653
VDB-344653 | CTI Indicators (IOB, IOC, IOA)
https://vuldb.com/?ctiid.344653
Submit #746502 | UTT (AiTai) HiPER 810G <= v3v1.7.7-171114 Buffer Overflow
https://vuldb.com/?submit.746502
github.com
https://github.com/alc9700jmo/CVE/issues/22
github.com
https://github.com/alc9700jmo/CVE/issues/22#issue-3851242657
GitHub Security Advisories
GHSA-rp5p-5955-26x3
A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability...
https://github.com/advisories/GHSA-rp5p-5955-26x3A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
nvd.nist.gov
https://nvd.nist.gov/vuln/detail/CVE-2026-2086
github.com
https://github.com/alc9700jmo/CVE/issues/22
github.com
https://github.com/alc9700jmo/CVE/issues/22#issue-3851242657
vuldb.com
https://vuldb.com/?ctiid.344653
vuldb.com
https://vuldb.com/?id.344653
vuldb.com
https://vuldb.com/?submit.746502
github.com
https://github.com/advisories/GHSA-rp5p-5955-26x3
JSON source
https://cveawg.mitre.org/api/cve/CVE-2026-2086Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2026-2086",
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"dateUpdated": "2026-02-07T13:32:06.896Z",
"dateReserved": "2026-02-06T08:22:33.810Z",
"datePublished": "2026-02-07T13:32:06.896Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB",
"dateUpdated": "2026-02-07T13:32:06.896Z"
},
"title": "UTT HiPER 810G Management formFireWall strcpy buffer overflow",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"affected": [
{
"vendor": "UTT",
"product": "HiPER 810G",
"modules": [
"Management Interface"
],
"versions": [
{
"version": "1.7.7-171114",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Buffer Overflow",
"cweId": "CWE-120",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"lang": "en",
"description": "Memory Corruption",
"cweId": "CWE-119",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?id.344653",
"name": "VDB-344653 | UTT HiPER 810G Management formFireWall strcpy buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
]
},
{
"url": "https://vuldb.com/?ctiid.344653",
"name": "VDB-344653 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
]
},
{
"url": "https://vuldb.com/?submit.746502",
"name": "Submit #746502 | UTT (AiTai) HiPER 810G <= v3v1.7.7-171114 Buffer Overflow",
"tags": [
"third-party-advisory"
]
},
{
"url": "https://github.com/alc9700jmo/CVE/issues/22",
"tags": [
"issue-tracking"
]
},
{
"url": "https://github.com/alc9700jmo/CVE/issues/22#issue-3851242657",
"tags": [
"exploit",
"issue-tracking"
]
}
],
"metrics": [
{},
{
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
},
{
"cvssV3_0": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
},
{
"cvssV2_0": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"baseScore": 9
}
}
],
"timeline": [
{
"time": "2026-02-06T00:00:00.000Z",
"lang": "en",
"value": "Advisory disclosed"
},
{
"time": "2026-02-06T01:00:00.000Z",
"lang": "en",
"value": "VulDB entry created"
},
{
"time": "2026-02-06T09:27:39.000Z",
"lang": "en",
"value": "VulDB entry last update"
}
],
"credits": [
{
"lang": "en",
"value": "alc9700 (VulDB User)",
"type": "reporter"
}
]
}
}
}