Unauthenticated attacker can take full control of the device via HTTP

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.8

Unauthenticated attacker can take full control of the device via HTTP

CVE-2025-41766

Summary

An attacker can send a malicious HTTP request to an affected device, potentially allowing them to gain complete control over the device. This means an attacker could install malware, steal data, or use the device for malicious activities. Affected devices should be updated with the latest security patches as soon as possible to prevent this risk.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
mbs-solutions	universal_bacnet_router_firmware	<= 6.0.1.0	–

Original title

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise.

Original description

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise.

nvd CVSS3.1 8.8

Vulnerability type

CWE-787 Out-of-bounds Write

https://www.mbs-solutions.de/mbs-2025-0001

Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026