Platform
linux
Component
hiper1250gw
Fixed in
3.2.8
A buffer overflow vulnerability has been identified in UTT HiPER 1250GW, affecting versions up to 3.2.7-210907-180535. This flaw allows for remote exploitation through manipulation of the NatBind argument within the /goform/formNatStaticMap file, potentially leading to arbitrary code execution. The vulnerability is considered HIGH severity (CVSS: 8.8) and a public exploit is now available.
The vulnerability lies in the strcpy function within the /goform/formNatStaticMap file. An attacker can exploit this by crafting a malicious request that overflows the buffer when processing the NatBind argument. Successful exploitation could allow an attacker to execute arbitrary code on the affected UTT HiPER 1250GW device with the privileges of the process handling the request. This could lead to complete system compromise, including data theft, modification, and denial of service. The availability of a public exploit significantly increases the likelihood of exploitation and the potential for widespread attacks.
The vulnerability is considered HIGH severity due to the ease of exploitation and the availability of a public proof-of-concept. The exploit's public nature suggests active exploitation is possible. The vulnerability was publicly disclosed on 2026-04-05. It is recommended to monitor CISA KEV for updates and potential inclusion.
Exploit Status
EPSS
0.05% (14% percentile)
CISA SSVC
CVSS Vector
The primary mitigation is to upgrade to a patched version of UTT HiPER 1250GW. Unfortunately, the specific fixed version is not provided. Until a patch is available, consider implementing temporary workarounds. Input validation on the NatBind parameter within /goform/formNatStaticMap can help prevent excessively long inputs. Web application firewalls (WAFs) configured to detect and block buffer overflow attempts targeting this specific endpoint could offer some protection. Monitor system logs for unusual activity or errors related to /goform/formNatStaticMap. After upgrading, confirm the vulnerability is resolved by attempting to trigger the overflow with a known malicious payload and verifying that it is now rejected.
Update the UTT HiPER 1250GW device to a version later than 3.2.7-210907-180535 to mitigate the risk of buffer overflow. Refer to the manufacturer's documentation for specific instructions on how to update the firmware.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-5566 is a HIGH severity buffer overflow vulnerability in UTT HiPER 1250GW versions up to 3.2.7-210907-180535. It allows remote code execution via manipulation of the NatBind argument.
You are affected if you are running UTT HiPER 1250GW versions 3.2.7-210907-180535 or earlier. Immediate action is required.
Upgrade to a patched version of UTT HiPER 1250GW. Until a patch is available, implement input validation and WAF rules as temporary mitigations.
A public exploit exists, indicating a high probability of active exploitation. Monitor your systems closely.
Refer to UTT's official website or security advisory channels for the latest information and patch releases regarding CVE-2026-5566.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.