Cyber Posture

CVE-2026-2135

MediumPublic PoC

Published: 08 February 2026

Published
08 February 2026
Modified
13 February 2026
KEV Added
Patch
CVSS Score 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS Score 0.0038 59.4th percentile
Risk Priority 13 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-2135 is a medium-severity Injection (CWE-74) vulnerability in Utt 810 Firmware. Its CVSS base score is 6.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 40.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Directly implements input validation mechanisms at the /goform/formPdbUpConfig entry point to block command injection via the policyNames argument.

SI-2 Flaw Remediation good match
prevent

Requires identification, reporting, and correction of the specific command injection flaw in sub_43F020 of /goform/formPdbUpConfig.

SI-4 System Monitoring partial match
detect

Enables monitoring of system activities to identify exploitation attempts of the command injection vulnerability through anomalous behavior.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1059.004 Unix Shell Execution
Adversaries may abuse Unix shell commands and scripts for execution.
attack.mitre.org →
Why these techniques?

Command injection vulnerability in web form (/goform/formPdbUpConfig) on network-accessible device enables exploitation of public-facing application (T1190) and arbitrary Unix shell command execution (T1059.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub_43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The…

more

exploit is now public and may be used.

Deeper analysisAI

CVE-2026-2135 is a command injection vulnerability affecting UTT HiPER 810 version 1.7.4-141218. The issue resides in the function sub_43F020 within the file /goform/formPdbUpConfig, where manipulation of the policyNames argument enables command injection. It is associated with CWEs-74 and CWE-77 and carries a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

The vulnerability allows remote exploitation by attackers possessing low privileges. Exploitation requires low complexity and no user interaction, enabling limited impacts on confidentiality, integrity, and availability, such as unauthorized command execution within the context of the affected component.

Advisories documented on VulDB and a GitHub repository detail the vulnerability, noting that the exploit is now public and may be used by attackers. No specific patches or mitigation steps are outlined in the available references.

Details

CWE(s)
CWE-74CWE-77

Affected Products

utt
810 firmware
1.7.4-141218

CVEs Like This One

CVE-2026-2118Same product: Utt 810
CVE-2026-2080Same product: Utt 810
CVE-2026-1162Same product: Utt 810
CVE-2025-70998Same product: Utt 810
CVE-2026-2182Same vendor: Utt
CVE-2025-13442Same vendor: Utt
CVE-2026-31059Same vendor: Utt
CVE-2026-2847Same vendor: Utt
CVE-2026-2188Same vendor: Utt
CVE-2026-2846Same vendor: Utt

References