How to fix CVE-2025-41757?

Within 24 hours: Identify all systems running UBR and assess exposure; disable or restrict access to ubr-restore functionality if operationally feasible. Within 7 days: Implement network segmentation to limit backup restore access to trusted administrative networks only; deploy file integrity monitoring on critical system directories; establish enhanced logging and alerting for backup restore activity. Within 30 days: Develop and test an incident response plan for potential exploitation; monitor vendor communications for patch availability; evaluate alternative backup solutions that address this vulnerability.

Is Universal Bacnet Router Firmware affected by CVE-2025-41757?

CVE-2025-41757 allows attackers to bypass security controls and write malicious files to critical systems through the backup restore function, potentially leading to system compromise, data theft, or service disruption.

CVE-2025-41757

HIGH

2026-03-09 [email protected]

8.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:56 vuln.today

CVE Published

Mar 09, 2026 - 09:15 nvd

HIGH 8.8

Description

A low-privileged remote attacker can abuse the backup restore functionality of UBR (ubr-restore) which runs with elevated privileges and does not validate the contents of the backup archive to create or overwrite arbitrary files anywhere on the system.

Analysis

Technical Context

Classified as CWE-22 (Path Traversal). Affects Universal Bacnet Router Firmware. A low-privileged remote attacker can abuse the backup restore functionality of UBR (ubr-restore) which runs with elevated privileges and does not validate the contents of the backup archive to create or overwrite arbitrary files anywhere on the system.

Affected Products

Vendor: Mbs-Solutions. Product: Universal Bacnet Router Firmware.

Remediation

Monitor vendor advisories for a patch. Validate and sanitize file path inputs. Use allowlists. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.2

CVSS: +44

POC: 0

CVE-2025-41757 vulnerability details – vuln.today

Back

CVE-2025-41757

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-41757

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code