CVE-2026-1162
Published: 19 January 2026
Summary
CVE-2026-1162 is a critical-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Utt 810 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 34.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly remediates the specific buffer overflow flaw in the strcpy function of /goform/setSysAdm by requiring identification, reporting, and correction of the vulnerability.
Prevents the buffer overflow by enforcing input validation on the passwd1 argument before it is processed by the unsafe strcpy function in the web form handler.
Mitigates remote exploitation of the buffer overflow vulnerability through memory protections such as non-executable stacks or address space randomization, blocking arbitrary code execution.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in public-facing web form (/goform/setSysAdm) allows unauthenticated remote arbitrary code execution, directly mapping to exploitation of public-facing applications.
NVD Description
A flaw has been found in UTT HiPER 810 1.7.4-141218. The impacted element is the function strcpy of the file /goform/setSysAdm. This manipulation of the argument passwd1 causes buffer overflow. Remote exploitation of the attack is possible. The exploit has…
more
been published and may be used.
Deeper analysisAI
CVE-2026-1162 is a buffer overflow vulnerability affecting the UTT HiPER 810 device in version 1.7.4-141218. The issue stems from improper use of the strcpy function in the /goform/setSysAdm file, where manipulation of the passwd1 argument leads to the overflow. It is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-120 (Buffer Copy without Checking Size of Input), with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Remote attackers require no privileges or user interaction to exploit this vulnerability over the network. Successful exploitation enables arbitrary code execution or system compromise, granting high-impact access to confidentiality, integrity, and availability.
Advisories and references, including a GitHub repository with proof-of-concept exploit details and VulDB entries, confirm remote exploitability. No specific patches or mitigations are detailed in the available information, but the published exploit underscores the need for immediate isolation or upgrades where possible.
Details
- CWE(s)