Unrated severityNVD Advisory· Published Mar 9, 2026· Updated Mar 9, 2026
wwwupdate.cgi Session token in URL
CVE-2025-41772
Description
An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- MBS/UBR-01 Mk IIv5Range: 0.0.0
- MBS/UBR-02v5Range: 0.0.0
- MBS/UBR-LONv5Range: 0.0.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.