Cyber Resilience

CVE-2026-3698

HighPublic PoC

Published: 08 March 2026

Published
08 March 2026
Modified
10 March 2026
KEV Added
Patch
CVSS Score v4 7.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0066 46.6th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-3698 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Utt 810G Firmware. Its CVSS base score is 7.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 46.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-3698 is a buffer overflow vulnerability (CWE-119, CWE-120) identified in the UTT HiPER 810G device, affecting versions up to 1.7.7-171114. The flaw occurs in the strcpy function within the /goform/NTP file, where improper input handling allows manipulation leading to the overflow. Published on 2026-03-08, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Attackers with low privileges (PR:L) can exploit this remotely over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N), potentially achieving high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H). A public exploit is available and might be used in attacks.

Advisories and further details are available in references including https://github.com/7wkajk/CVE-VUL/blob/main/3.md, https://vuldb.com/?ctiid.349644, https://vuldb.com/?id.349644, and https://vuldb.com/?submit.765748.

EU & UK References

Vulnerability details

A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affects the function strcpy of the file /goform/NTP. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be…

more

used.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Buffer overflow in authenticated web endpoint (/goform/NTP) on public-facing network device enables remote exploitation of a public-facing application (T1190) and allows low-privilege access to achieve high-impact code execution, directly facilitating exploitation for privilege escalation (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-2935Same product: Utt 810G
CVE-2026-3814Same product: Utt 810G
CVE-2026-2904Same product: Utt 810G
CVE-2026-3016Same product: Utt 810G
CVE-2026-2981Same product: Utt 810G
CVE-2026-3015Same product: Utt 810G
CVE-2026-3700Same product: Utt 810G
CVE-2026-2980Same product: Utt 810G
CVE-2026-3815Same product: Utt 810G
CVE-2026-3699Same product: Utt 810G

Affected Assets

utt
810g firmware
≤ 1.7.7-171114

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses the buffer overflow vulnerability by requiring timely remediation through firmware patching for the affected UTT HiPER 810G versions.

prevent

Prevents exploitation by enforcing validation of NTP form inputs to block malformed data that triggers the strcpy buffer overflow.

prevent

Mitigates successful exploitation of the buffer overflow via memory safeguards like address space layout randomization and non-executable stacks.

References