CVE-2025-41772 | MBS UBR-01 Mk II/UBR-02/UBR-LON prior 6.0.1.0 URL Parameter wwwupdate.cgi get request method with sensitive query strings (mbs-2025-0001)

Inserito da Angelo Barbosa | Mar 9, 2026 | CVE

A vulnerability was found in MBS UBR-01 Mk II, UBR-02 and UBR-LON. It has been rated as problematic. Affected by this vulnerability is an unknown functionality of the file wwwupdate.cgi of the component URL Parameter Handler. The manipulation leads to use of get request method with sensitive query strings.

This vulnerability is documented as CVE-2025-41772. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2025-41772 | MBS UBR-01 Mk II/UBR-02/UBR-LON prior 6.0.1.0 URL Parameter wwwupdate.cgi get request method with sensitive query strings (mbs-2025-0001)

Post correlati

CVE-2025-10327 | MiczFlor RPi-Jukebox-RFID up to 2.8.0 shuffle.php playlist os command injection

CVE-2025-8878 | ProfilePress Plugin up to 4.16.4 on WordPress Shortcode Remote Code Execution

CVE-2023-46806 | Ivanti EPMM up to 12.1.0.0 Web sql injection

CVE-2025-63214 | Bridgetech VBC Server & Element Manager 6.5.0-9/6.5.0-10 improper authorization