CVE-2026-3700
Received Received - Intake
Buffer Overflow in UTT HiPER 810G strcpy Enables Remote Exploit

Publication date: 2026-03-08

Last updated on: 2026-03-10

Assigner: VulDB

Description
A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formConfigDnsFilterGlobal. This manipulation causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-08
Last Modified
2026-03-10
Generated
2026-06-16
AI Q&A
2026-03-08
EPSS Evaluated
2026-06-15
NVD
CVE-2026-3700
EUVD
EUVD-2026-10207
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
utt 810g_firmware to 1.7.7-171114 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-3700 is a critical buffer overflow vulnerability in the UTT HiPER 810G router firmware up to version 1.7.7-171114. The flaw occurs in the strcpy function within the /goform/formConfigDnsFilterGlobal endpoint, where data is copied into a buffer without proper bounds checking. This unsafe copying can overflow the buffer, allowing an attacker to manipulate the system remotely.

Impact Analysis

This vulnerability can be exploited remotely to cause a buffer overflow, potentially leading to denial of service (DoS) or other exploit scenarios. It impacts the confidentiality, integrity, and availability of the affected system, allowing attackers to compromise the router without requiring physical or local access.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by monitoring HTTP requests to the endpoint /goform/formConfigDnsFilterGlobal on UTT HiPER 810G devices running firmware up to version 1.7.7-171114.'}, {'type': 'paragraph', 'content': 'Detection can involve checking for unusual or malformed HTTP requests targeting this endpoint that attempt to exploit the buffer overflow via the strcpy function.'}, {'type': 'paragraph', 'content': 'Since the exploit is triggered by a specific HTTP request, network monitoring tools or intrusion detection systems (IDS) can be configured to alert on requests to /goform/formConfigDnsFilterGlobal with suspicious payloads.'}, {'type': 'list_item', 'content': "Use network packet capture tools like tcpdump or Wireshark to filter HTTP traffic to the vulnerable endpoint, e.g., tcpdump -i <interface> 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' and inspect requests to /goform/formConfigDnsFilterGlobal."}, {'type': 'list_item', 'content': 'Use curl or wget commands to test the endpoint manually by sending crafted HTTP POST requests to /goform/formConfigDnsFilterGlobal and observe the device behavior.'}, {'type': 'list_item', 'content': 'Deploy IDS/IPS signatures that detect attempts to exploit strcpy buffer overflow patterns targeting this endpoint.'}] [1, 3]

Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable endpoint /goform/formConfigDnsFilterGlobal by implementing network-level controls such as firewall rules to block unauthorized or external HTTP requests to the device.

Since no known countermeasures or patches are documented, it is recommended to replace the affected UTT HiPER 810G device with a secure alternative or upgrade the firmware if a fixed version becomes available.

Additionally, monitor the device for signs of exploitation and consider isolating it from untrusted networks to reduce exposure.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3700. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart