2026-03-09 08:15:49
CERTVDE
PUBLISHED
A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to read arbitrary files on the system.