CVE-2026-3814
Published: 09 March 2026
Summary
CVE-2026-3814 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Utt 810G Firmware. Its CVSS base score is 7.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 49.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2026-3814 is a buffer overflow vulnerability affecting the UTT HiPER 810G router in versions up to 1.7.7-1711. The flaw resides in the strcpy function within the /goform/getOneApConfTempEntry file, where improper input handling allows manipulation leading to a buffer overflow. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-120 (Buffer Copy without Checking Size of Input).
The vulnerability can be exploited remotely by an attacker with low privileges (PR:L), requiring low complexity and no user interaction. Successful exploitation enables high-impact consequences, including unauthorized access to confidential data (C:H), modification of system integrity (I:H), and disruption of availability (A:H). As a network-accessible issue, it poses risks to exposed router instances.
Advisories and further details are available through referenced sources, including VulDB entries (ctiid.349780, id.349780, submit.769163) and a GitHub repository at https://github.com/whoami648/cve/blob/main/vul/9.md, which may provide mitigation guidance or patch information.
Notably, a public exploit has been released, increasing the likelihood of real-world attacks against unpatched UTT HiPER 810G devices. The vulnerability was published on 2026-03-09.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-10320
Vulnerability details
A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected by this issue is the function strcpy of the file /goform/getOneApConfTempEntry. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely.…
more
The exploit has been released to the public and may be used for attacks.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in remotely accessible web form (/goform/getOneApConfTempEntry) on network device enables remote code execution from low-priv credentials, directly mapping to exploitation for privilege escalation (T1068) and exploitation of public-facing application (T1190).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Mandates timely remediation of the buffer overflow flaw in the router's strcpy function via patching unpatched versions up to 1.7.7-1711.
Requires validation of inputs to /goform/getOneApConfTempEntry to block malformed data causing the strcpy buffer overflow.
Deploys memory protections like ASLR and DEP to prevent exploitation of the buffer overflow for code execution despite the underlying flaw.