CVE-2026-31062
Buffer Overflow in UTT Aggressive 520W FTP Causes DoS
Publication date: 2026-04-06
Last updated on: 2026-04-07
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| utt | 520w_firmware | 1.7.7-180627 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The CVE-2026-31062 vulnerability affects the UTT Aggressive 520W router, specifically firmware versions up to and including v3v1.7.7-180627. It is a buffer overflow vulnerability in the handling of the HTTP POST request to the endpoint `/goform/formFtpServerDirConfig`.
When the parameter `Action` is set to `add`, the router processes the `filename` parameter by copying its value into a destination buffer using the unsafe `strcpy` function without any boundary checks. This lack of input validation allows an attacker to supply an excessively long `filename` string, causing a buffer overflow.
Exploiting this vulnerability can lead to a denial-of-service (DoS) condition on the device by crashing or disrupting the router's operation.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker to cause a denial-of-service (DoS) condition on your UTT Aggressive 520W router. By sending a specially crafted HTTP POST request with an excessively long filename parameter, the attacker can trigger a buffer overflow that disrupts the normal functioning of the device.
As a result, your network connectivity or services relying on this router could be interrupted or become unavailable.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending a crafted HTTP POST request to the endpoint `/goform/formFtpServerDirConfig` on the affected UTT Aggressive 520W router firmware versions up to v3v1.7.7-180627.
Specifically, the POST request should include the parameter `Action` set to `add` and a very long string in the `filename` parameter to test for buffer overflow conditions.
A sample command using curl to test this could be:
- curl -X POST http://[router_ip]/goform/formFtpServerDirConfig -d "Action=add&filename=$(python3 -c 'print("A"*1000)')"
If the device crashes, becomes unresponsive, or exhibits a denial-of-service condition after this request, it indicates the presence of the vulnerability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the CVE-2026-31062 vulnerability, immediately avoid sending or accepting HTTP POST requests to the endpoint `/goform/formFtpServerDirConfig` with the `Action` parameter set to `add` that include untrusted or excessively long `filename` parameters.
Restrict access to the affected router's management interface to trusted networks only, and monitor for unusual or malformed POST requests targeting the vulnerable endpoint.
If possible, update the router firmware to a version that addresses this vulnerability once it becomes available from the vendor.