Utt Hiper 810 vulnerabilities
4 known vulnerabilities affecting utt/hiper_810.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3
Vulnerabilities
Page 1 of 1
CVE-2026-2135P2HIGHCVSS 8.8v1.7.4-1412182026-02-08
CVE-2026-2135 [HIGH] CWE-74 CVE-2026-2135: A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub
A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub_43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
nvd
CVE-2026-2080P2HIGHCVSS 7.2v1.7.4-1412182026-02-07
CVE-2026-2080 [HIGH] CWE-74 CVE-2026-2080: A vulnerability has been found in UTT HiPER 810 1.7.4-141218. This issue affects the function setSys
A vulnerability has been found in UTT HiPER 810 1.7.4-141218. This issue affects the function setSysAdm of the file /goform/formUser. The manipulation of the argument passwd1 leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this di
nvd
CVE-2026-1162P2CRITICALCVSS 9.8v1.7.4-1412182026-01-19
CVE-2026-1162 [CRITICAL] CWE-119 CVE-2026-1162: A flaw has been found in UTT HiPER 810 1.7.4-141218. The impacted element is the function strcpy of
A flaw has been found in UTT HiPER 810 1.7.4-141218. The impacted element is the function strcpy of the file /goform/setSysAdm. This manipulation of the argument passwd1 causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used.
nvd
CVE-2026-2118P2HIGHCVSS 7.2v1.7.4-1412182026-02-08
CVE-2026-2118 [HIGH] CWE-74 CVE-2026-2118: A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function s
A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub_4407D4 of the file /goform/formReleaseConnect of the component rehttpd. Executing a manipulation of the argument Isp_Name can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.
nvd