How to fix CVE-2025-41772?

Within 24 hours: Identify all UBR instances in your environment and restrict network access to the wwwupdate.cgi endpoint to trusted networks only; enable detailed logging and monitoring for suspicious access patterns. Within 7 days: Implement a WAF rule to block requests to wwwupdate.cgi containing session tokens in URL parameters; rotate all existing session tokens and force re-authentication. Within 30 days: Evaluate alternative solutions or managed services that eliminate this exposure; develop a vendor communication plan to track patch availability and apply immediately upon release.

Is Universal Bacnet Router Firmware affected by CVE-2025-41772?

An unauthenticated attacker can steal valid session tokens from UBR systems by exploiting plaintext credential exposure in URL parameters, potentially gaining unauthorized access to critical infrastructure.

CVE-2025-41772

HIGH

2026-03-09 [email protected]

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:56 vuln.today

CVE Published

Mar 09, 2026 - 09:16 nvd

HIGH 7.5

Description

An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR.

Analysis

An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR. [CVSS 7.5 HIGH]

Technical Context

Affects the plaintext within the URL component of Universal Bacnet Router Firmware. An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR.

Affected Products

Vendor: Mbs-Solutions. Product: Universal Bacnet Router Firmware. Component: plaintext within the URL.

Remediation

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +38

POC: 0

CVE-2025-41772 vulnerability details – vuln.today

Back

CVE-2025-41772

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-41772

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code