GCVE - cpe:2.3:h:utt:810:4.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:utt:810:4.0:*:*:*:*:*:*:*

part: h version: 4.0 update: *

Vendor	Utt (`2f5a4977-7574-517d-86bd-607fb0d0757c`)
Product	810 (`8eb495f1-2ac6-57b5-b1f6-d40bc8c12512`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-2135`	not_vulnerable	2026-06-03 15:19:23.575007	UTT HiPER 810 formPdbUpConfig sub_43F020 command injection MEDIUM (6.3) A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub_43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. Published: 2026-02-08T04:32:07.151Z Updated: 2026-02-23T09:38:04.956Z Open on db.gcve.eu Reference links https://vuldb.com/?id.344770 https://vuldb.com/?ctiid.344770 https://vuldb.com/?submit.747222 https://github.com/cha0yang1/UTT810CVE/blob/main/CVEreadme2.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-2118`	not_vulnerable	2026-06-03 15:19:23.535744	UTT HiPER 810 rehttpd formReleaseConnect sub_4407D4 command injection HIGH (7.2) A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub_4407D4 of the file /goform/formReleaseConnect of the component rehttpd. Executing a manipulation of the argument Isp_Name can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Published: 2026-02-08T00:02:07.243Z Updated: 2026-02-23T09:35:59.363Z Open on db.gcve.eu Reference links https://vuldb.com/?id.344693 https://vuldb.com/?ctiid.344693 https://vuldb.com/?submit.746802 https://github.com/cha0yang1/UTT810CVE/blob/main/CVEreadme1.md https://github.com/cha0yang1/UTT810CVE/blob/main/CVEreadme1.md#poc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-2080`	not_vulnerable	2026-06-03 15:19:23.447750	UTT HiPER 810 formUser setSysAdm command injection HIGH (7.2) A vulnerability has been found in UTT HiPER 810 1.7.4-141218. This issue affects the function setSysAdm of the file /goform/formUser. The manipulation of the argument passwd1 leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2026-02-07T09:02:06.706Z Updated: 2026-02-23T09:30:46.455Z Open on db.gcve.eu Reference links https://vuldb.com/?id.344646 https://vuldb.com/?ctiid.344646 https://vuldb.com/?submit.745521 https://github.com/cha0yang1/UTT810CVE/blob/main/README.md https://github.com/cha0yang1/UTT810CVE/blob/main/README.md#reproduction-steps	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-70998`	not_vulnerable	2026-06-03 15:12:29.797454	Details available UTT HiPER 810 / nv810v4 router firmware v1.5.0-140603 was discovered to contain insecure default credentials for the telnet service, possibly allowing a remote attacker to gain root access via a crafted script. Published: 2026-02-18T00:00:00.000Z Updated: 2026-02-18T15:37:27.390Z Open on db.gcve.eu Reference links https://github.com/cha0yang1/UTT-nv810v4-telnet-backdoor	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.