VYPR
Unrated severityNVD Advisory· Published Feb 20, 2026· Updated Feb 24, 2026

UTT HiPER 520 Web Management formReleaseConnect sub_44EFB4 os command injection

CVE-2026-2847

Description

A vulnerability was detected in UTT HiPER 520 1.7.7-160105. Affected is the function sub_44EFB4 of the file /goform/formReleaseConnect of the component Web Management Interface. The manipulation of the argument Isp_Name results in os command injection. The attack can be launched remotely. The exploit is now public and may be used.

Affected products

2
  • Utt/HiPER 520llm-create2 versions
    = 1.7.7-160105+ 1 more
    • (no CPE)range: = 1.7.7-160105
    • (no CPE)range: 1.7.7-160105

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.