Cyber Resilience

CVE-2026-4318

High

Published: 17 March 2026

Published
17 March 2026
Modified
22 April 2026
KEV Added
Patch
CVSS Score v4 7.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0050 38.7th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-4318 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability. Its CVSS base score is 7.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 38.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2026-4318 is a buffer overflow vulnerability affecting UTT HiPER 810G devices up to version 1.7.7-171114. The flaw exists in the strcpy function within the /goform/formApLbConfig file, where manipulation of the loadBalanceNameOld argument triggers the overflow. Published on 2026-03-17T15:16:19.650, it is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-120 (Buffer Copy without Checking Size of Input).

The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity. Low-privileged remote attackers can exploit it without user interaction, potentially gaining high-impact access to compromise confidentiality, integrity, and availability of the affected device.

Advisories referenced in VulDB entries (ctiid.351362, id.351362, submit.772659) and a GitHub issue (xiaoheshang404/cve/issues/1#issue-4026284809) detail the vulnerability. The exploit has been publicly disclosed and may be utilized by attackers.

Notable context includes the public availability of the exploit, increasing the risk of real-world exploitation against unpatched UTT HiPER 810G devices.

EU & UK References

Vulnerability details

A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formApLbConfig. This manipulation of the argument loadBalanceNameOld causes buffer overflow. The attack can be initiated remotely. The exploit has been publicly…

more

disclosed and may be utilized.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Buffer overflow in public web form handler (/goform/formApLbConfig) on network device allows remote low-privileged attackers to achieve RCE with full impact; directly maps to exploitation of public-facing application (T1190) and exploitation for privilege escalation (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-2935Shared CWE-119, CWE-120
CVE-2025-15461Shared CWE-119, CWE-120
CVE-2026-7288Shared CWE-119, CWE-120
CVE-2025-9781Shared CWE-119, CWE-120
CVE-2026-3814Shared CWE-119, CWE-120
CVE-2026-7749Shared CWE-119, CWE-120
CVE-2026-2904Shared CWE-119, CWE-120
CVE-2025-15217Shared CWE-119, CWE-120
CVE-2026-3274Shared CWE-119, CWE-120
CVE-2026-2068Shared CWE-119, CWE-120

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

SI-2 requires timely identification, reporting, and correction of flaws like this buffer overflow, directly mitigating the CVE through patching affected UTT HiPER 810G devices.

prevent

SI-10 enforces validation of inputs such as loadBalanceNameOld to the /goform/formApLbConfig function, preventing buffer overflows from oversized or malformed data.

prevent

SI-16 implements memory safeguards like stack canaries, ASLR, and DEP that protect against exploitation of the strcpy buffer overflow even if invalid input reaches the vulnerable code.

References