CVE-2026-31062
Received Received - Intake
Buffer Overflow in UTT Aggressive 520W FTP Causes DoS

Publication date: 2026-04-06

Last updated on: 2026-04-07

Assigner: MITRE

Description
UTT Aggressive 520W v3v1.7.7-180627 was discovered to contain a buffer overflow in the filename parameter of the formFtpServerDirConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-06
Last Modified
2026-04-07
Generated
2026-06-16
AI Q&A
2026-04-06
EPSS Evaluated
2026-06-15
NVD
CVE-2026-31062
EUVD
EUVD-2026-19259
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
utt 520w_firmware 1.7.7-180627
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Mitigation Strategies

To mitigate the CVE-2026-31062 vulnerability, immediately avoid sending or accepting HTTP POST requests to the endpoint `/goform/formFtpServerDirConfig` with the `Action` parameter set to `add` that include untrusted or excessively long `filename` parameters.

Restrict access to the affected router's management interface to trusted networks only, and monitor for unusual or malformed POST requests targeting the vulnerable endpoint.

If possible, update the router firmware to a version that addresses this vulnerability once it becomes available from the vendor.

Executive Summary

The CVE-2026-31062 vulnerability affects the UTT Aggressive 520W router, specifically firmware versions up to and including v3v1.7.7-180627. It is a buffer overflow vulnerability in the handling of the HTTP POST request to the endpoint `/goform/formFtpServerDirConfig`.

When the parameter `Action` is set to `add`, the router processes the `filename` parameter by copying its value into a destination buffer using the unsafe `strcpy` function without any boundary checks. This lack of input validation allows an attacker to supply an excessively long `filename` string, causing a buffer overflow.

Exploiting this vulnerability can lead to a denial-of-service (DoS) condition on the device by crashing or disrupting the router's operation.

Impact Analysis

This vulnerability can impact you by allowing an attacker to cause a denial-of-service (DoS) condition on your UTT Aggressive 520W router. By sending a specially crafted HTTP POST request with an excessively long filename parameter, the attacker can trigger a buffer overflow that disrupts the normal functioning of the device.

As a result, your network connectivity or services relying on this router could be interrupted or become unavailable.

Detection Guidance

This vulnerability can be detected by sending a crafted HTTP POST request to the endpoint `/goform/formFtpServerDirConfig` on the affected UTT Aggressive 520W router firmware versions up to v3v1.7.7-180627.

Specifically, the POST request should include the parameter `Action` set to `add` and a very long string in the `filename` parameter to test for buffer overflow conditions.

A sample command using curl to test this could be:

  • curl -X POST http://[router_ip]/goform/formFtpServerDirConfig -d "Action=add&filename=$(python3 -c 'print("A"*1000)')"

If the device crashes, becomes unresponsive, or exhibits a denial-of-service condition after this request, it indicates the presence of the vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-31062. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart