Home / Vulnerability Intelligence / CVE-2026-4862

CVE-2026-4862 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 26, 2026

UTT HiPER 1250GW - Buffer Overflow

Published: March 26, 2026Updated: March 26, 2026Remote Exploitable

Overview

UTT HiPER 1250GW <= 3.2.7-210907-180535 contains a buffer overflow caused by improper handling of the GroupName argument in /goform/formConfigDnsFilterGlobal Parameter Handler, letting remote attackers execute code, exploit requires crafted request.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 4.1%(Probability of exploitation in next 30 days)

Impact

Remote attackers can cause buffer overflow leading to potential remote code execution and system compromise.

Mitigation

Update to the latest version beyond 3.2.7-210907-180535.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 26, 2026

🟠 CVE-2026-4862 - High (8.8) A security vulnerability has been detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file /goform/formConfigDnsFilterGlobal of the component Parameter Handler. Such manipulation of the argument Gr... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4862/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-4862
Severity: High
CVSS Score: 8.8
Type: buffer_overflow
Status: new
EPSS: 4.1%
Social Posts: 1

CWE

CWE-119

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.1%Probability of exploitation in the next 30 days