Unrated severityNVD Advisory· Published Mar 9, 2026· Updated Mar 9, 2026

Secret leak with wwwdnload.cgi

CVE-2025-41762

Description

An unauthenticated attacker can abuse the weak hash of the backup generated by the wwwdnload.cgi endpoint to gain unauthorized access to sensitive data, including password hashes and certificates.

Affected products

MBS/UBR-01 Mk IIv5
Range: 0.0.0
MBS/UBR-02v5
Range: 0.0.0
MBS/UBR-LONv5
Range: 0.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.mbs-solutions.de/mbs-2025-0001mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000