CVE-2026-4318
Published: 17 March 2026
Summary
CVE-2026-4318 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability. Its CVSS base score is 7.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 38.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2026-4318 is a buffer overflow vulnerability affecting UTT HiPER 810G devices up to version 1.7.7-171114. The flaw exists in the strcpy function within the /goform/formApLbConfig file, where manipulation of the loadBalanceNameOld argument triggers the overflow. Published on 2026-03-17T15:16:19.650, it is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-120 (Buffer Copy without Checking Size of Input).
The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity. Low-privileged remote attackers can exploit it without user interaction, potentially gaining high-impact access to compromise confidentiality, integrity, and availability of the affected device.
Advisories referenced in VulDB entries (ctiid.351362, id.351362, submit.772659) and a GitHub issue (xiaoheshang404/cve/issues/1#issue-4026284809) detail the vulnerability. The exploit has been publicly disclosed and may be utilized by attackers.
Notable context includes the public availability of the exploit, increasing the risk of real-world exploitation against unpatched UTT HiPER 810G devices.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-12576
Vulnerability details
A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formApLbConfig. This manipulation of the argument loadBalanceNameOld causes buffer overflow. The attack can be initiated remotely. The exploit has been publicly…
more
disclosed and may be utilized.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in public web form handler (/goform/formApLbConfig) on network device allows remote low-privileged attackers to achieve RCE with full impact; directly maps to exploitation of public-facing application (T1190) and exploitation for privilege escalation (T1068).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
SI-2 requires timely identification, reporting, and correction of flaws like this buffer overflow, directly mitigating the CVE through patching affected UTT HiPER 810G devices.
SI-10 enforces validation of inputs such as loadBalanceNameOld to the /goform/formApLbConfig function, preventing buffer overflows from oversized or malformed data.
SI-16 implements memory safeguards like stack canaries, ASLR, and DEP that protect against exploitation of the strcpy buffer overflow even if invalid input reaches the vulnerable code.