2026-03-09 08:16:10
CERTVDE
PUBLISHED
A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to write arbitrary files on the system.