Vulnerability Details CVE-2026-35077
The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.0%
CVSS Severity
CVSS v3 Score 8.1
Products affected by CVE-2026-35077
-
cpe:2.3:h:mbs-solutions:double-a_profibus:-
-
cpe:2.3:h:mbs-solutions:double-a_x-link:-
-
cpe:2.3:h:mbs-solutions:double-x_can:-
-
cpe:2.3:h:mbs-solutions:double-x_dali:-
-
cpe:2.3:h:mbs-solutions:double-x_knx:-
-
cpe:2.3:h:mbs-solutions:double-x_lon:-
-
cpe:2.3:h:mbs-solutions:double-x_m-bus:-
-
cpe:2.3:h:mbs-solutions:double-x_profinet:-
-
cpe:2.3:h:mbs-solutions:double-x_x-link:-
-
cpe:2.3:h:mbs-solutions:single-a:-
-
cpe:2.3:h:mbs-solutions:single-x:-
-
cpe:2.3:h:mbs-solutions:triple-x_knx+dali:-
-
cpe:2.3:h:mbs-solutions:triple-x_knx+lon:-
-
cpe:2.3:h:mbs-solutions:triple-x_knx+m-bus:-
-
cpe:2.3:h:mbs-solutions:triple-x_profinet+dali:-
-
cpe:2.3:h:mbs-solutions:triple-x_profinet+knx:-
-
cpe:2.3:h:mbs-solutions:triple-x_profinet+lon:-
-
cpe:2.3:h:mbs-solutions:triple-x_profinet+m-bus:-
-
cpe:2.3:o:mbs-solutions:universal_gateway_firmware:*