Description

An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR.

PUBLISHED Reserved 2025-04-16 | Published 2026-03-09 | Updated 2026-03-09 | Assigner CERTVDE




HIGH: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Problem types

CWE-598 Use of GET Request Method With Sensitive Query Strings

Product status

Default status
unaffected

0.0.0 (semver) before 6.0.1.0
affected

Default status
unaffected

0.0.0 (semver) before 6.0.1.0
affected

Default status
unaffected

0.0.0 (semver) before 6.0.1.0
affected

Credits

Adrien Rey from Cyber Defense Campus Zurich (finder)

Daniel Hulliger from Armasuisse (finder)

References

www.mbs-solutions.de/mbs-2025-0001

cve.org (CVE-2025-41772)

nvd.nist.gov (CVE-2025-41772)
