CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/02/20 3:32 p.m.•13 views

CVE-2026-2846

UTT HiPER 520 1.7.7-160105 Web Management Interface contains a vulnerability in the sub_44D264 function of /goform/formPdbUpConfig. By manipulating the policyNames argument, an attacker can trigger os command injection remotely. Affects the Web Management Interface component; CVSS data indicate h...

8.6CVSS5.4AI score0.0982EPSS

Positive Technologies•added 2026/02/20 12:0 a.m.•4 views

PT-2026-21023

Name of the Vulnerable Software and Affected Versions UTT HiPER 520 version 1.7.7-160105 Description A security issue exists in UTT HiPER 520. The sub 44D264 function within the /goform/formPdbUpConfig file of the Web Management Interface is susceptible to operating system command injection. This...

8.6CVSS6.9AI score0.0982EPSS

Exploits1References7

CNNVD•added 2026/02/20 12:0 a.m.•6 views

UTT HiPER 520 操作系统命令注入漏洞

UTT HiPER 520 is a high-performance router produced by UTT Corporation. The version 1.7.7-160105 of UTT HiPER 520 contains a vulnerability related to operating system command injection. This vulnerability stems from an error in the handling of the parameter policyNames in the function sub44D264 o...

8.6CVSS7.1AI score0.0982EPSS

RedhatCVE•added 2026/02/10 1:23 a.m.•2 views

CVE-2026-2188

A vulnerability was determined in UTT 进取 521G 3.1.1-190816. The impacted element is the function sub446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. It is possible to launch the attack remotely. The exploit has been...

8.6CVSS5.4AI score0.06413EPSS

RedhatCVE•added 2026/02/09 7:14 a.m.•5 views

CVE-2026-2135

A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...

8.8CVSS5.5AI score0.03852EPSS

ATTACKERKB•added 2026/02/08 9:32 p.m.•5 views

CVE-2026-2188

8.6CVSS6.9AI score0.06413EPSS

EUVD•added 2026/02/08 9:32 p.m.•6 views

EUVD-2026-5762

8.6CVSS5.3AI score0.06413EPSS

Cvelist•added 2026/02/08 9:32 p.m.•26 views

CVE-2026-2188 UTT 进取 521G formPdbUpConfig sub_446B18 os command injection

8.6CVSS0.06413EPSS

Vulnrichment•added 2026/02/08 9:32 p.m.•4 views

CVE-2026-2188 UTT 进取 521G formPdbUpConfig sub_446B18 os command injection

8.6CVSS5.4AI score0.06413EPSS

CVE•added 2026/02/08 9:32 p.m.•11 views

CVE-2026-2188

CVE-2026-2188 affects UTT 进取 521G release 3.1.1-190816. The vulnerable component is the function sub_446B18 in the file /goform/formPdbUpConfig. An input manipulation of the argument policyNames can cause an OS command injection, with remote exploit viability. Public disclosures of the exploit ex...

8.6CVSS7AI score0.06413EPSS

NVD•added 2026/02/08 5:16 a.m.•8 views

CVE-2026-2135

8.8CVSS0.03852EPSS

EUVD•added 2026/02/08 4:32 a.m.•4 views

EUVD-2026-5813

8.8CVSS6.4AI score0.03852EPSS

CVE•added 2026/02/08 4:32 a.m.•16 views

CVE-2026-2135

CVE-2026-2135 affects UTT HiPER 810, version 1.7.4-141218. The vulnerability exists in the function sub_43F020 of the file /goform/formPdbUpConfig, where manipulating the argument policyNames enables a remote command injection. Public exploits are available, enabling remote initiation with likely...

8.8CVSS6.5AI score0.03852EPSS

Positive Technologies•added 2026/02/08 12:0 a.m.•8 views

PT-2026-6961

Name of the Vulnerable Software and Affected Versions UTT HiPER 810 version 1.7.4-141218 Description A flaw exists in UTT HiPER 810 that allows for remote command injection. The issue is located in the sub 43F020 function within the /goform/formPdbUpConfig file. Manipulation of the policyNames...

8.8CVSS6.9AI score0.03852EPSS

Exploits1References8

CNNVD•added 2026/02/08 12:0 a.m.•6 views

UTT HiPER 810 命令注入漏洞

UTT HiPER 810 is an intelligent broadband router developed by UTT Corporation. The version 1.7.4-141218 of UTT HiPER 810 contains a command injection vulnerability. This vulnerability stems from incorrect handling of the parameter policyNames in the functions sub43F020 within the...

8.8CVSS6.6AI score0.03852EPSS

Exploits1References5

RedhatCVE•added 2025/11/26 4:56 p.m.•2 views

CVE-2025-13442

A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argument policyNames leads to command injection. The attack may be launched remotely. The exploit has...

9.8CVSS6.8AI score0.17612EPSS

CNVD•added 2025/11/24 12:0 a.m.•3 views

UTT Progressive 750W Command Injection Vulnerability

The UTT Progressive 750W is an enterprise-grade wireless router from Atech Technology UTT designed for office environments such as small businesses and remote branch offices. The UTT Progress 750W suffers from a command injection vulnerability that stems from the failure of the parameter...

9.8CVSS7.7AI score0.17612EPSS

CVE•added 2025/11/20 1:32 a.m.•13 views

CVE-2025-13442

The CVE affects UTT 进取 750W firmware up to 3.2.2-191225. The vulnerability is in the system() call within /goform/formPdbUpConfig, where improper handling of the policyNames argument allows remote command injection. Attackers could exploit this remotely; the vulnerability has public exploit discl...

9.8CVSS7.3AI score0.17612EPSS

Vulnrichment•added 2025/11/20 1:32 a.m.•2 views

CVE-2025-13442 UTT 进取 750W formPdbUpConfig system command injection

7.5CVSS7.3AI score0.17612EPSS