The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.
History

Mon, 08 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Mbs-solutions
Mbs-solutions double-a Profibus
Mbs-solutions double-a X-link
Mbs-solutions double-x Can
Mbs-solutions double-x Dali
Mbs-solutions double-x Knx
Mbs-solutions double-x Lon
Mbs-solutions double-x M-bus
Mbs-solutions double-x Profinet
Mbs-solutions double-x X-link
Mbs-solutions single-a
Mbs-solutions single-x
Mbs-solutions triple-x Knx\+dali
Mbs-solutions triple-x Knx\+lon
Mbs-solutions triple-x Knx\+m-bus
Mbs-solutions triple-x Profinet\+dali
Mbs-solutions triple-x Profinet\+knx
Mbs-solutions triple-x Profinet\+lon
Mbs-solutions triple-x Profinet\+m-bus
Mbs-solutions universal Gateway Firmware
CPEs cpe:2.3:h:mbs-solutions:double-a_profibus:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:double-a_x-link:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:double-x_can:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:double-x_dali:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:double-x_knx:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:double-x_lon:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:double-x_m-bus:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:double-x_profinet:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:double-x_x-link:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:single-a:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:single-x:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:triple-x_knx\+dali:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:triple-x_knx\+lon:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:triple-x_knx\+m-bus:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:triple-x_profinet\+dali:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:triple-x_profinet\+knx:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:triple-x_profinet\+lon:-:*:*:*:*:*:*:*
cpe:2.3:h:mbs-solutions:triple-x_profinet\+m-bus:-:*:*:*:*:*:*:*
cpe:2.3:o:mbs-solutions:universal_gateway_firmware:*:*:*:*:*:*:*:*
Vendors & Products Mbs-solutions
Mbs-solutions double-a Profibus
Mbs-solutions double-a X-link
Mbs-solutions double-x Can
Mbs-solutions double-x Dali
Mbs-solutions double-x Knx
Mbs-solutions double-x Lon
Mbs-solutions double-x M-bus
Mbs-solutions double-x Profinet
Mbs-solutions double-x X-link
Mbs-solutions single-a
Mbs-solutions single-x
Mbs-solutions triple-x Knx\+dali
Mbs-solutions triple-x Knx\+lon
Mbs-solutions triple-x Knx\+m-bus
Mbs-solutions triple-x Profinet\+dali
Mbs-solutions triple-x Profinet\+knx
Mbs-solutions triple-x Profinet\+lon
Mbs-solutions triple-x Profinet\+m-bus
Mbs-solutions universal Gateway Firmware

Fri, 05 Jun 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Mbs double-a Profibus
Mbs double-a X-link
Mbs double-x Can
Mbs double-x Dali
Mbs double-x Knx
Mbs double-x Lon
Mbs double-x M-bus
Mbs double-x Profinet
Mbs double-x X-link
Mbs single-a
Mbs single-x
Mbs triple-x Knx+dali
Mbs triple-x Knx+lon
Mbs triple-x Knx+m-bus
Mbs triple-x Profinet+dali
Mbs triple-x Profinet+knx
Mbs triple-x Profinet+lon
Mbs triple-x Profinet+m-bus
Vendors & Products Mbs double-a Profibus
Mbs double-a X-link
Mbs double-x Can
Mbs double-x Dali
Mbs double-x Knx
Mbs double-x Lon
Mbs double-x M-bus
Mbs double-x Profinet
Mbs double-x X-link
Mbs single-a
Mbs single-x
Mbs triple-x Knx+dali
Mbs triple-x Knx+lon
Mbs triple-x Knx+m-bus
Mbs triple-x Profinet+dali
Mbs triple-x Profinet+knx
Mbs triple-x Profinet+lon
Mbs triple-x Profinet+m-bus

Wed, 03 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 03 Jun 2026 12:30:00 +0000

Type Values Removed Values Added
Description The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.
Title Arbitrary file delete vulnerability in method ugw-restore
First Time appeared Mbs
Mbs double A Profibus Firmware
Mbs double A X Link Firmware
Mbs double X Can Firmware
Mbs double X Dali Firmware
Mbs double X Knx Firmware
Mbs double X Lon Firmware
Mbs double X M Bus Firmware
Mbs double X Profinet Firmware
Mbs double X X Link Firmware
Mbs single A Firmware
Mbs single X Firmware
Mbs triple X Knx Dali Firmware
Mbs triple X Knx Lon Firmware
Mbs triple X Knx M Bus Firmware
Mbs triple X Profinet Dali Firmware
Mbs triple X Profinet Knx Firmware
Mbs triple X Profinet Lon Firmware
Mbs triple X Profinet M Bus Firmware
Weaknesses CWE-73
CPEs cpe:2.3:o:mbs:double_a_profibus_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:double_a_x_link_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:double_x_can_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:double_x_dali_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:double_x_knx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:double_x_lon_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:double_x_m_bus_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:double_x_profinet_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:double_x_x_link_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:single_a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:single_x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:triple_x_knx_dali_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:triple_x_knx_lon_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:triple_x_knx_m_bus_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:triple_x_profinet_dali_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:triple_x_profinet_knx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:triple_x_profinet_lon_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbs:triple_x_profinet_m_bus_firmware:*:*:*:*:*:*:*:*
Vendors & Products Mbs
Mbs double A Profibus Firmware
Mbs double A X Link Firmware
Mbs double X Can Firmware
Mbs double X Dali Firmware
Mbs double X Knx Firmware
Mbs double X Lon Firmware
Mbs double X M Bus Firmware
Mbs double X Profinet Firmware
Mbs double X X Link Firmware
Mbs single A Firmware
Mbs single X Firmware
Mbs triple X Knx Dali Firmware
Mbs triple X Knx Lon Firmware
Mbs triple X Knx M Bus Firmware
Mbs triple X Profinet Dali Firmware
Mbs triple X Profinet Knx Firmware
Mbs triple X Profinet Lon Firmware
Mbs triple X Profinet M Bus Firmware
References
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H'}

cvssV4_0

{'score': 7.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2026-06-03T10:39:51.326Z

Updated: 2026-07-03T08:51:26.663Z

Reserved: 2026-04-01T08:28:27.141Z

Link: CVE-2026-35079

cve-icon Vulnrichment

Updated: 2026-06-03T12:38:59.524Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-03T13:16:20.177

Modified: 2026-06-08T17:17:32.690

Link: CVE-2026-35079

cve-icon Redhat

No data.