Maple_S

**Name of the Vulnerable Software and Affected Versions** UTT HiPER 1200GW versions prior to 2.5.3-1703 **Description** A flaw in the `strcpy()` function within the `/goform/formUser` file allows for a remote buffer overflow. A buffer overflow occurs when a program writes more data to a block of memory, or buffer, than it is allocated to hold, potentially leading to crashes or arbitrary code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT HiPER 1200GW versions prior to 2.5.3-170306 **Description** A buffer overflow can be triggered remotely via the `strcpy()` function within the `/goform/formRemoteControl` file. A buffer overflow occurs when a program writes more data to a storage area, or buffer, than it can hold, potentially leading to system instability or unauthorized code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UTT HiPER 1250GW versions prior to 3.2.7-210907-180535 **Description** A buffer overflow can be triggered remotely via the `strcpy()` function within the file route/goform/NTP. This occurs when the `Profile` argument is manipulated. **Recommendations** Update to a version later than 3.2.7-210907-180535. As a temporary workaround, restrict access to the route/goform/NTP file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** UTT HiPER 1250GW versions prior to 3.2.7-210907-180535 **Description** A buffer overflow occurs in the `strcpy()` function within the 'route/goform/formTaskEdit ap' file. This issue is triggered by the manipulation of the `Profile` argument, allowing for remote exploitation. **Recommendations** Update to a version later than 3.2.7-210907-180535. As a temporary workaround, restrict access to the 'route/goform/formTaskEdit ap' endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** UTT HiPER 1250GW versions prior to 3.2.7-210907-180535 **Description** A buffer overflow exists in the `strcpy()` function within the 'route/goform/ConfigAdvideo' file. This issue allows a remote attacker to trigger the flaw by manipulating the `Profile` argument. A buffer overflow occurs when a program writes more data to a storage area (buffer) than it can hold, potentially leading to crashes or unauthorized code execution. **Recommendations** Update to a version later than 3.2.7-210907-180535. As a temporary workaround, restrict access to the 'route/goform/ConfigAdvideo' endpoint or avoid using the `Profile` argument until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** UTT HiPER 1250GW versions up to 3.2.7-210907-180535 **Description** A security issue has been identified in UTT HiPER 1250GW. A buffer overflow can occur due to manipulation of the `GroupName` argument within the `strcpy` function located in the `/goform/formConfigDnsFilterGlobal` file of the Parameter Handler component. This issue can be exploited remotely. The exploit for this issue has been publicly disclosed. **Recommendations** UTT HiPER 1250GW versions up to 3.2.7-210907-180535: Update to a newer version that addresses this vulnerability. As a temporary workaround, consider restricting access to the Parameter Handler component to minimize the risk of exploitation.