VYPR
High severity · 8.8 · NVD Advisory · Published May 27, 2026

CVE-2026-9632

Description

A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this issue is the function strcpy of the file /goform/formGroupConfig of the component Web Management Interface. Executing a manipulation of the argument Profile can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Stack-based buffer overflow in UTT HiPER 1250GW web management interface via Profile argument to /goform/formGroupConfig allows remote denial of service.

Vulnerability

The web management interface of UTT HiPER 1250GW router firmware versions up to 3.2.7-210907-180535 contains a stack-based buffer overflow in the /goform/formGroupConfig endpoint. The flaw is a strcpy call that copies the "Profile" argument into a fixed-size buffer without length checking [1]. The affected component is the Web Management Interface, which is accessible remotely.
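
The unbounded-copy pattern described above, next to a length-checked version, as an added example in C; it is not UTT's firmware code and not part of the original advisory. The function names and the 32-byte PROFILE_MAX are assumptions, since the advisory does not give the real buffer size.

```c
#include <stdio.h>
#include <string.h>

/* Assumed size: the advisory does not state the real buffer length. */
#define PROFILE_MAX 32

/* Pattern named in the advisory: strcpy of a request argument into a
 * fixed-size buffer. Shown for contrast only; never called here. */
void copy_profile_unchecked(char dst[PROFILE_MAX], const char *profile)
{
    strcpy(dst, profile); /* overruns dst when strlen(profile) >= PROFILE_MAX */
}

/* Hardened form: find the terminator within the buffer size first,
 * reject oversize input, then copy exactly the measured length.
 * Returns 0 on success, -1 if the argument is missing or too long. */
int copy_profile_checked(char dst[PROFILE_MAX], const char *profile)
{
    const char *end;
    size_t n;

    if (profile == NULL)
        return -1;
    end = memchr(profile, '\0', PROFILE_MAX);
    if (end == NULL)             /* no terminator within PROFILE_MAX bytes */
        return -1;               /* reject rather than silently truncate */
    n = (size_t)(end - profile);
    memcpy(dst, profile, n + 1); /* n + 1 <= PROFILE_MAX, includes '\0' */
    return 0;
}

int main(void)
{
    char buf[PROFILE_MAX];
    char oversize[PROFILE_MAX * 4]; /* constructed sample input */

    memset(oversize, 'A', sizeof oversize - 1);
    oversize[sizeof oversize - 1] = '\0';

    printf("short value:    %d\n", copy_profile_checked(buf, "guest"));
    printf("oversize value: %d\n", copy_profile_checked(buf, oversize));
    return 0;
}
```

Rejecting the request when the check fails, instead of truncating, keeps the stored profile name identical to what the client sent and gives the handler a clear error path.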

Exploitation

An attacker can exploit this vulnerability by sending a crafted HTTP POST request to /goform/formGroupConfig with an overly long "Profile" parameter. The request must be authenticated (as shown in the published PoC [1]), and the attacker needs network access to the router's management interface. The exploit has been publicly released [1].

Impact

Successful exploitation leads to a stack-based buffer overflow, which can corrupt the stack and cause a denial of service (DoS) by crashing the router [1]. While the reference only confirms denial of service, the buffer overflow could potentially be leveraged for arbitrary code execution given the nature of the vulnerability.

Mitigation

As of the publication date, no official patch has been released by UTT. Users are advised to restrict access to the web management interface to trusted networks only, disable remote management if possible, and monitor for firmware updates [1]. The affected firmware version is v3.2.7-210907-180535 and earlier.

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

0

No patches discovered yet.

References

4
