CVE-2026-3700
Published: 08 March 2026
Summary
CVE-2026-3700 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Utt 810G Firmware. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 28.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly remediates the buffer overflow vulnerability by applying vendor patches or firmware updates to affected UTT HiPER 810G routers.
Requires validation of inputs to the /goform/formConfigDnsFilterGlobal function to prevent buffer overflows from unchecked strcpy usage.
Implements memory protections such as ASLR and DEP to mitigate exploitation of the buffer overflow even if input validation fails.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in public-facing router web form (/goform/) enables remote authenticated attackers to achieve RCE and high-impact effects, directly mapping to exploitation of public-facing apps (T1190) and privilege escalation (T1068).
NVD Description
A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formConfigDnsFilterGlobal. This manipulation causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to…
more
the public and could be used for attacks.
Deeper analysisAI
CVE-2026-3700 is a buffer overflow vulnerability affecting UTT HiPER 810G routers in versions up to 1.7.7-171114. The flaw stems from improper use of the strcpy function in the /goform/formConfigDnsFilterGlobal file, enabling buffer overflow conditions. It has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-120 (Buffer Copy without Checking Size of Input). The vulnerability was published on 2026-03-08.
Remote attackers with low privileges can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation allows high-impact consequences, including unauthorized access to sensitive data, modification of system integrity, and denial of service through availability disruption. Remote exploitation is explicitly possible, and a public exploit has been disclosed.
Advisories and details are available from sources including VulDB (ctiid.349646, id.349646, submit.765750) and a GitHub repository at https://github.com/7wkajk/CVE-VUL/blob/main/1.md, which document the issue but do not specify patches or mitigations in the provided information.
The public availability of the exploit increases the risk of real-world attacks against unpatched UTT HiPER 810G devices.
Details
- CWE(s)