Ashin9

**Name of the Vulnerable Software and Affected Versions** UTT HiPER 2620G versions through 3.1.4 **Description** A flaw exists in UTT HiPER 2620G up to version 3.1.4. The `strcpy` function within the `/goform/fNTP` file is susceptible to a buffer overflow when the `NTPServerIP` argument is manipulated. This issue can be exploited remotely. The exploit for this issue has been publicly disclosed. The vendor was informed about the disclosure but did not respond. **Recommendations** Versions prior to 3.1.4 should be updated. As a temporary workaround, consider restricting access to the `/goform/fNTP` file to minimize the risk of exploitation.