ByteOS Network

HiPER 520

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2026-2847

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-8.6||HIGH

EPSS-Not Assigned

Published-20 Feb, 2026 | 15:32

Updated-20 Feb, 2026 | 16:55

UTT HiPER 520 Web Management formReleaseConnect sub_44EFB4 os command injection

A vulnerability was detected in UTT HiPER 520 1.7.7-160105. Affected is the function sub_44EFB4 of the file /goform/formReleaseConnect of the component Web Management Interface. The manipulation of the argument Isp_Name results in os command injection. The attack can be launched remotely. The exploit is now public and may be used.

Vendor-UTT

Product-HiPER 520

CWE ID-CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE ID-CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2026-2846

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-8.6||HIGH

EPSS-Not Assigned

Published-20 Feb, 2026 | 15:32

Updated-20 Feb, 2026 | 16:55

UTT HiPER 520 Web Management formPdbUpConfig sub_44D264 os command injection

A security vulnerability has been detected in UTT HiPER 520 1.7.7-160105. This impacts the function sub_44D264 of the file /goform/formPdbUpConfig of the component Web Management Interface. The manipulation of the argument policyNames leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.

Vendor-UTT

Product-HiPER 520

CWE ID-CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE ID-CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')