PT-2026-21023 · Unknown · Utt Hiper 520

Ruler-Chovy

Publicado

2026-02-20

Atualizado

2026-02-23

CVE-2026-2846

CVSS v2.0

8.3

Alta

Vetor

AV:N/AC:L/Au:M/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions UTT HiPER 520 version 1.7.7-160105

Description A security issue exists in UTT HiPER 520. The sub 44D264 function within the /goform/formPdbUpConfig file of the Web Management Interface is susceptible to operating system command injection. This occurs through manipulation of the policyNames argument, and the attack can be initiated remotely. The exploit for this issue has been publicly disclosed.

Recommendations Apply a fix to the sub 44D264 function in the /goform/formPdbUpConfig file to prevent manipulation of the policyNames argument.

Exploit

Correção

Command Injection

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-77CWE-78

Identificadores relacionados

CVE-2026-2846

Produtos afetados

Utt Hiper 520

PT-2026-21023 · Unknown · Utt Hiper 520

CVE-2026-2846

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8