CVE Catalog

CVE-2026-14721

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.45%

36th percentile — higher than 36% of all known CVEs

Summary

A vulnerability was found in UTT HiPER 1250GW up to version 3.2.7-210907-180535 in the file /goform/ConfigWirelessBase_5g. Manipulation of the ssid argument leads to a stack-based buffer overflow, exploitable remotely. The exploit has been publicly disclosed.

Risk Assessment

An attacker can remotely take control of the device, leading to network integrity compromise and potential traffic interception.

Recommendation

Immediately update the firmware to the latest version or apply temporary firewall rules to block access to the vulnerable endpoint.

Original NVD description (English source)

A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase_5g of the component Web Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS