CVE-2026-7418
Received Received - Intake
Buffer Overflow in UTT HiPER 1250GW Firmware

Publication date: 2026-04-29

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-29
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-04-30
EPSS Evaluated
2026-06-15
NVD
CVE-2026-7418
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
utt hiper_1250gw to 3.2.7-210907-180535 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the UTT HiPER 1250GW device up to version 3.2.7-210907-180535. It affects the strcpy function in the file route/goform/NTP. By manipulating the argument named Profile, an attacker can cause a buffer overflow.

The vulnerability can be exploited remotely, meaning an attacker does not need physical access to the device to launch an attack. The exploit has been publicly disclosed and may be used by attackers.

Impact Analysis

Exploiting this vulnerability can lead to a buffer overflow, which may allow an attacker to execute arbitrary code or cause a denial of service on the affected device.

Because the attack can be launched remotely, it increases the risk of unauthorized access or control over the device, potentially compromising the confidentiality, integrity, and availability of the system.

Executive Summary

CVE-2026-7418 is a buffer overflow vulnerability in the UTT HiPER 1250GW router's NTP configuration interface, specifically in the /goform/NTP endpoint. It occurs because the strcpy function is used without proper boundary checks when handling the "Profile" parameter.

An attacker can exploit this vulnerability by sending a crafted POST request with an excessively long "Profile" parameter, which causes the buffer overflow. This happens when the time_zone and NTPServerIP parameters are non-empty and SntpEnable is set to "on".

Detection Guidance

This vulnerability can be detected by monitoring for unusual or crafted POST requests sent to the /goform/NTP endpoint of the UTT HiPER 1250GW router. Specifically, look for POST requests where the "Profile" parameter contains an excessively long string, which triggers the buffer overflow.

Detection can involve capturing network traffic and filtering for POST requests to /goform/NTP with suspiciously long Profile parameters, especially when time_zone and NTPServerIP parameters are non-empty and SntpEnable is set to "on".

  • Use a network packet capture tool like tcpdump or Wireshark to capture HTTP POST requests to the router's /goform/NTP endpoint.
  • Example tcpdump command to capture relevant traffic: tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep '/goform/NTP'
  • Inspect captured POST requests for the "Profile" parameter length and check if it is unusually long.
Mitigation Strategies

To mitigate this vulnerability immediately, avoid exposing the UTT HiPER 1250GW router's management interface to untrusted networks.

Disable the SNTP service by setting SntpEnable to "off" if it is not required, as the vulnerability is triggered when SntpEnable is "on".

Restrict or filter incoming traffic to the /goform/NTP endpoint to prevent malicious POST requests with crafted Profile parameters.

Monitor for firmware updates or patches from the vendor that address this buffer overflow vulnerability and apply them as soon as they become available.

Impact Analysis

Exploiting this vulnerability can lead to a denial of service (DoS) attack on the affected router. The buffer overflow may cause the device to crash or behave unpredictably, disrupting network connectivity and services.

Detection Guidance

This vulnerability can be detected by monitoring for suspicious POST requests to the /goform/NTP endpoint on the UTT HiPER 1250GW router. Specifically, look for requests where the "Profile" parameter is excessively long, which triggers the buffer overflow.

Detection can involve capturing network traffic and filtering for POST requests to /goform/NTP with non-empty time_zone and NTPServerIP parameters and SntpEnable set to "on".

A possible command to detect such attempts using tcpdump could be:

  • tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep '/goform/NTP'

Alternatively, inspecting web server logs for POST requests to /goform/NTP with unusually long Profile parameters can help identify exploitation attempts.

Mitigation Strategies

Immediate mitigation steps include disabling the SNTP service or setting SntpEnable to "off" if possible, to prevent the vulnerable code path from being triggered.

Restrict access to the router's management interface, especially the /goform/NTP endpoint, by limiting network access or applying firewall rules.

Monitor for suspicious POST requests with long Profile parameters and block or alert on such traffic.

Apply any available firmware updates from the vendor that address this vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-7418. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart