This vulnerability affects the UTT HiPER 2610G device firmware up to version 3.0.0-171107. It arises from improper handling of input in the strcpy function used in the /goform/formNatStaticMap endpoint, specifically when processing the NatBinds argument. This leads to a buffer overflow condition. The vulnerability has a CVSS 4.0 base score of 5.1, indicating medium severity, with attack vector requiring adjacent network access and low attack complexity. Exploit code has been made public, but no official fix or patch has been released by the vendor as of the published date.

Successful exploitation of this buffer overflow could allow an attacker with adjacent network access and low privileges to cause memory corruption, potentially leading to denial of service or limited code execution capabilities. The vulnerability does not require user interaction and has partial impact on confidentiality, integrity, and availability. However, no confirmed exploits in the wild have been reported.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should limit access to the affected device's management interfaces to trusted networks only. Monitor vendor channels for updates and apply patches promptly once available.