CVE-2025-41772
wwwupdate.cgi Session token in URL
An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://www.mbs-solutions.de/mbs-2025-0001