PT-2026-24027 · Ubr · Ubr
Adrien Rey
+1
·
Publicado
2026-03-09
·
Atualizado
2026-03-12
·
CVE-2025-41757
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
UBR (affected versions not specified)
Description
A remote attacker with limited privileges can misuse the backup restore functionality of
ubr-restore, which operates with elevated privileges. The software does not validate the contents of the backup archive, allowing an attacker to create or overwrite arbitrary files on the system.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Path traversal
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ubr