Home / Vulnerability Intelligence / CVE-2026-4488

CVE-2026-4488 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 20, 2026

UTT HiPER 1250GW - Buffer Overflow

Published: March 20, 2026Updated: March 20, 2026Remote Exploitable

Overview

UTT HiPER 1250GW <= 3.2.7-210907-180535 contains a buffer overflow caused by improper handling of the GroupName argument in /goform/setSysAdm, letting remote attackers cause memory corruption, exploit requires crafted request.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 4.1%(Probability of exploitation in next 30 days)

Impact

Remote attackers can cause memory corruption, potentially leading to denial of service or code execution.

Mitigation

Update to the latest version beyond 3.2.7-210907-180535.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 20, 2026

🟠 CVE-2026-4488 - High (8.8) A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected is the function strcpy of the file /goform/setSysAdm. Such manipulation of the argument GroupName leads to buffer overflow. It is possible to launch the attack ... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4488/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-4488
Severity: High
CVSS Score: 8.8
Type: buffer_overflow
Status: new
EPSS: 4.1%
Social Posts: 1

CWE

CWE-119

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.1%Probability of exploitation in the next 30 days