PT-2026-24024 · Wwwubr · Wwwubr
Adrien Rey
+1
·
Publicado
2026-03-09
·
Atualizado
2026-03-09
·
CVE-2025-41754
CVSS v3.1
6.5
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
wwwubr versions (affected versions not specified)
Description
A low-privileged remote attacker can exploit the
ubr-editfile method in the ''wwwubr.cgi'' API endpoint to read arbitrary files on the system. The ''wwwubr.cgi'' endpoint is undocumented and unused. The vulnerable parameter is not specified.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Wwwubr