PT-2026-24024 · Wwwubr · Wwwubr
Adrien Rey
+1
·
Published
2026-03-09
·
Updated
2026-03-09
·
CVE-2025-41754
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
wwwubr versions (affected versions not specified)
Description
A low-privileged remote attacker can exploit the
ubr-editfile method in the ''wwwubr.cgi'' API endpoint to read arbitrary files on the system. The ''wwwubr.cgi'' endpoint is undocumented and unused. The vulnerable parameter is not specified.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wwwubr