CVE-2026-52187
Received Received - Intake

Buffer Overflow in UTT nv518G nv518GV3 Firmware

Vulnerability report for CVE-2026-52187, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-02

Last updated on: 2026-07-02

Assigner: MITRE

Description

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_483ba0 component

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-02
Last Modified
2026-07-02
Generated
2026-07-03
AI Q&A
2026-07-02
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
utt nv518g 3.2.7-210919-161313
utt nv518gv3 3.2.7-210919-161313

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-52187 is a buffer overflow vulnerability in the UTT nv518G nv518GV3v3.2.7-210919-161313 firmware, specifically in the /gohead/sub_483ba0 component.

The vulnerability occurs because the length of a variable named Var is not properly validated, allowing an attacker to manipulate the size of indexIDNew.

By sending a specially crafted POST request with an excessively long indexIDNew value to /gohead/sub_483ba0, an attacker can trigger a buffer overflow, potentially causing memory corruption or arbitrary code execution.

Impact Analysis

This vulnerability can allow a remote attacker to cause a denial of service by exploiting the buffer overflow in the affected component.

Additionally, the buffer overflow may lead to memory corruption or even arbitrary code execution, which could compromise the affected device.

Such impacts could disrupt normal device operation, potentially leading to loss of network availability or unauthorized control over the device.

Detection Guidance

This vulnerability can be detected by sending a specially crafted POST request to the endpoint /gohead/sub_483ba0 with an excessively long indexIDNew parameter. This triggers the buffer overflow condition.

A proof-of-concept exploit involves using a POST request to /gohead/sub_483ba0 with a manipulated indexIDNew value to test if the system is vulnerable.

  • Use curl or similar tools to send a POST request with a long indexIDNew parameter to http://<target-ip>/gohead/sub_483ba0.
  • Example command: curl -X POST -d "indexIDNew=$(python -c 'print("A"*1000)')" http://<target-ip>/gohead/sub_483ba0
Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable endpoint /gohead/sub_483ba0 to trusted users only, such as by firewall rules or network segmentation.

Applying any available firmware updates or patches from the vendor that address this buffer overflow vulnerability is critical.

Monitor network traffic for unusual POST requests targeting /gohead/sub_483ba0 with abnormally long parameters and block or alert on such activity.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-52187. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart