CVE-2026-31058
Received Received - Intake
Buffer Overflow in UTT Aggressive HiPER 1200GW Causes DoS

Publication date: 2026-04-06

Last updated on: 2026-04-10

Assigner: MITRE

Description
UTT Aggressive HiPER 1200GW v2.5.3-170306 was discovered to contain a buffer overflow in the timeRangeName parameter of the formConfigDnsFilterGlobal function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-06
Last Modified
2026-04-10
Generated
2026-06-16
AI Q&A
2026-04-06
EPSS Evaluated
2026-06-15
NVD
CVE-2026-31058
EUVD
EUVD-2026-19251
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
utt 1200gw_firmware to 2.5.3-170306 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-31058 is a buffer overflow vulnerability found in the UTT HiPER 1200GW router firmware version v2.5.3-170306. It occurs in the function formConfigDnsFilterGlobal when processing the timeRangeName parameter in an HTTP POST request. Specifically, when the sourceIP parameter is set to ipRange, the code copies the timeRangeName input without proper bounds checking, leading to a buffer overflow.

This unchecked copy operation can be exploited by an attacker sending a crafted POST request with a large payload in the timeRangeName field, potentially causing the device to crash or behave unexpectedly.

Impact Analysis

This vulnerability can be exploited to cause a Denial of Service (DoS) on the affected UTT HiPER 1200GW router. By sending a specially crafted HTTP POST request with a large timeRangeName parameter, an attacker can trigger a buffer overflow that may crash the device or disrupt its normal operation.

Such disruption can lead to network downtime, loss of connectivity, and potential interruption of services relying on the router.

Detection Guidance

This vulnerability can be detected by sending a crafted HTTP POST request to the endpoint `/goform/formConfigDnsFilterGlobal` with the `sourceIP` parameter set to `ipRange` and a large payload in the `timeRangeName` parameter. The request requires Digest authentication.

A detection command example using curl might be:

  • curl -X POST -u username:password --digest -d "sourceIP=ipRange&timeRangeName=$(python -c 'print("A"*1000)')" http://<target-ip>/goform/formConfigDnsFilterGlobal

If the system crashes, becomes unresponsive, or returns an error, it indicates the presence of the vulnerability.

Mitigation Strategies

Immediate mitigation steps include avoiding sending requests with the `sourceIP` parameter set to `ipRange` combined with large or untrusted input in the `timeRangeName` parameter to the vulnerable endpoint.

Additionally, restrict access to the `/goform/formConfigDnsFilterGlobal` endpoint by limiting network exposure and applying strict authentication controls.

Monitor for unusual crashes or denial of service symptoms on the affected device.

Ultimately, update the firmware to a version that patches this buffer overflow vulnerability once available.

Compliance Impact

The provided information does not specify any direct impact of the CVE-2026-31058 vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-31058. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart