CVE-2026-11517
8.8 HIGHA vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107
Published: 2026-06-08 · Last updated: 2026-06-09
Severity and scoring
- CVSS
- 8.8 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-119, CWE-120
Description
A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107. This impacts the function strcpy of the file /goform/formConfigDnsFilterGlobal. Executing a manipulation of the argument GroupName can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-11517
- [Other]https://github.com/HungryGoogle/log_attack/tree/main/index3
- [Other]https://vuldb.com/cve/CVE-2026-11517
- [Other]https://vuldb.com/submit/836278
- [Other]https://vuldb.com/vuln/369137
- [Other]https://vuldb.com/vuln/369137/cti
- [Other]https://vuldb.com/submit/836278
Related CVEs
Same CWE
- CVE-2026-30141 — An issue was discovered in bitbank2 AnimatedGIF v2.2.0 (9.8 CRITICAL)
- CVE-2026-0409 — A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Intern...
- CVE-2026-11623 — A security vulnerability has been detected in tmux up to 3.6a (4.5 MEDIUM)
- CVE-2026-11557 — A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9 (8.8 HIGH)
- CVE-2026-11553 — A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon (8.8 HIGH)