CVE Catalog
CVE-2026-35079
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk0.37%
29th percentile - higher than 29% of all known CVEs
Summary
The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.
Risk Assessment
An attacker can delete critical system files, leading to service disruption, data loss, or complete system unavailability.
Recommendation
Immediately update the software to a version that fixes input validation in the ugw-restore method, and restrict access to this method to trusted users only.
Original NVD description (English source)
The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

