CVE-2026-7513
Received Received - Intake
Buffer Overflow in UTT HiPER 1200GW Firmware

Publication date: 2026-05-01

Last updated on: 2026-05-01

Assigner: VulDB

Description
A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-01
Last Modified
2026-05-01
Generated
2026-06-16
AI Q&A
2026-05-01
EPSS Evaluated
2026-06-15
NVD
CVE-2026-7513
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
utt hiper_1200gw to 2.5.3-170306 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-7513 is a buffer overflow vulnerability found in the UTT HiPER 1200GW router firmware versions up to 2.5.3-170306. The flaw exists in the /goform/formRemoteControl endpoint, specifically in the strcpy function, which improperly handles input without sufficient validation.

An attacker can exploit this vulnerability by sending a specially crafted POST request with a parameter that exceeds the expected buffer size, causing memory to be overwritten.

This can lead to arbitrary code execution, denial of service, or other malicious actions by gaining control over the device remotely.

Impact Analysis

This vulnerability can have serious impacts including allowing a remote attacker to execute arbitrary code on the affected router, potentially taking full control of the device.

Such control can be used to disrupt network services by triggering denial of service conditions or to manipulate network traffic and data.

Because the exploit can be initiated remotely without user interaction, it poses a significant security risk to networks using the vulnerable device.

Detection Guidance

This vulnerability can be detected by monitoring for specially crafted POST requests sent to the /goform/formRemoteControl endpoint of the UTT HiPER 1200GW router. These requests contain an abnormally long 'Profile' parameter designed to overflow the buffer.

A practical detection method is to capture and analyze HTTP POST traffic targeting the /goform/formRemoteControl path and look for unusually long or malformed 'Profile' parameters.

  • Use network packet capture tools like tcpdump or Wireshark to filter HTTP POST requests to /goform/formRemoteControl.
  • Example tcpdump command to capture relevant traffic: tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep '/goform/formRemoteControl'
  • Use tools like curl or custom scripts to send test POST requests with long 'Profile' parameters to verify if the system is vulnerable.
Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable /goform/formRemoteControl endpoint to trusted networks only, such as by implementing firewall rules or access control lists.

Avoid exposing the router's web interface to untrusted networks or the internet.

Monitor network traffic for suspicious POST requests targeting the vulnerable endpoint and block or alert on such activity.

If available, update the router firmware to a version that patches this vulnerability.

If no patch is available, consider disabling remote management features or the affected service to prevent exploitation.

Compliance Impact

The provided information does not specify how the CVE-2026-7513 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-7513. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart