CVE-2025-41766— Stack buffer overflow on parsing web request

CVSS 8.8 · High EPSS 0.03% · P10 Updated Mar 10, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-41766

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Stack buffer overflow on parsing web request

Source: NVD (National Vulnerability Database)

Vulnerability Description

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

跨界内存写

Source: NVD (National Vulnerability Database)

Vulnerability Title

MBS多款产品缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

MBS UBR-01 Mk II等都是德国MBS公司的产品。MBS UBR-01 Mk II是一款远程基站设备。MBS UBR-02是一款远程基站设备。MBS UBR-LON是一款工业自动化系统的通信接口设备。 MBS多款产品存在缓冲区错误漏洞，该漏洞源于低权限远程攻击者可通过特制HTTP POST请求触发基于栈的缓冲区溢出，可能导致设备完全被控制。以下产品受到影响：MBS UBR-01 Mk II、MBS UBR-02和MBS UBR-LON。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
MBS	UBR-01 Mk II	0.0.0 ~ 6.0.1.0	-
MBS	UBR-02	0.0.0 ~ 6.0.1.0	-
MBS	UBR-LON	0.0.0 ~ 6.0.1.0	-

II. Public POCs for CVE-2025-41766

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-41766

请登录查看更多情报信息。

Same Patch Batch · MBS · 2026-03-09 · 15 CVEs total

CVE-2025-41764	9.1 CRITICAL	Unchecked role in wwwupdate.cgi
CVE-2025-41765	9.1 CRITICAL	Unchecked role in wwwupload.cgi
CVE-2025-41758	8.8 HIGH	Arbitrary Write with wwwupload.cgi
CVE-2025-41757	8.8 HIGH	Arbitrary Write with ubr-restore
CVE-2025-41756	8.1 HIGH	Arbitrary Write with ubr-editfile
CVE-2025-41761	7.8 HIGH	Privilege escalation possible
CVE-2025-41772	7.5 HIGH	wwwupdate.cgi Session token in URL
CVE-2025-41767	7.2 HIGH	Signature bypass on update upload
CVE-2025-41763	6.5 MEDIUM	Unchecked role in wwwdnload.cgi
CVE-2025-41754	6.5 MEDIUM	Arbitrary Read with ubr-editfile
CVE-2025-41755	6.5 MEDIUM	Arbitrary Read with ubr-logread
CVE-2025-41762	6.2 MEDIUM	Secret leak with wwwdnload.cgi
CVE-2025-41760	4.9 MEDIUM	Pass filter with Empty Table
CVE-2025-41759	4.9 MEDIUM	Use of wildcard (“*” or “all”) in Block list

IV. Related Vulnerabilities

Same product: UBR-01 Mk II

Same vendor: MBS

Same weakness: CWE-787

V. Comments for CVE-2025-41766

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-41766— Stack buffer overflow on parsing web request

I. Basic Information for CVE-2025-41766

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-41766

III. Intelligence Information for CVE-2025-41766

Same Patch Batch · MBS · 2026-03-09 · 15 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-41766

Leave a comment