CVE-2026-2847
Awaiting Analysis Awaiting Analysis - Queue
Remote OS Command Injection in UTT HiPER 520 Web Interface

Publication date: 2026-02-20

Last updated on: 2026-02-24

Assigner: VulDB

Description
A vulnerability was detected in UTT HiPER 520 1.7.7-160105. Affected is the function sub_44EFB4 of the file /goform/formReleaseConnect of the component Web Management Interface. The manipulation of the argument Isp_Name results in os command injection. The attack can be launched remotely. The exploit is now public and may be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-20
Last Modified
2026-02-24
Generated
2026-06-16
AI Q&A
2026-02-20
EPSS Evaluated
2026-06-14
NVD
CVE-2026-2847
EUVD
EUVD-2026-8468
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
utt 520_firmware 1.7.7-160105
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-2847 is a critical OS command injection vulnerability found in the UTT HiPER 520 device, version 1.7.7-160105, specifically within the Web Management Interface component.'}, {'type': 'paragraph', 'content': 'The vulnerability resides in the function sub_44EFB4 of the file /goform/formReleaseConnect and is triggered by manipulation of the argument "Isp_Name." This allows an attacker to inject and execute arbitrary operating system commands due to improper neutralization of special characters in the input.'}, {'type': 'paragraph', 'content': 'The attack can be launched remotely but requires authentication. The vulnerability corresponds to CWE-78 (Improper Neutralization of Special Elements used in an OS Command) and is classified under MITRE ATT&CK technique T1202.'}] [1, 3]

Impact Analysis

This vulnerability allows an authenticated attacker to execute arbitrary operating system commands on the affected device with root privileges.

The impact affects the confidentiality, integrity, and availability of the system, potentially allowing attackers to take full control, disrupt services, or access sensitive information.

Since the exploit is publicly available, the risk of exploitation is high, and no known mitigations or patches currently exist.

Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by sending a crafted POST request to the /goform/formReleaseConnect endpoint with a specially crafted payload in the Isp_Name parameter to test for command injection.

For example, a command to test the vulnerability could be a POST request containing the payload: Isp_Name=1;touch /tmp/2026-1-29

If the command executes successfully, it will create a file /tmp/2026-1-29 on the device, indicating the presence of the vulnerability.

This detection requires authentication and can be performed using tools like curl or other HTTP clients to send the crafted POST request.

Mitigation Strategies

There are no known patches or fixes currently available for this vulnerability.

Immediate mitigation steps include replacing the affected product with an alternative device that is not vulnerable.

Additionally, restricting access to the Web Management Interface, especially limiting remote access and enforcing strong authentication, may reduce the risk of exploitation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2847. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart