CVE Catalog

CVE-2026-35080

HighCVSS 8.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.37%

29th percentile - higher than 29% of all known CVEs

Summary

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

Risk Assessment

An attacker can delete critical system files, leading to service disruption or complete system unavailability.

Recommendation

Immediately update the software to a patched version and implement strict input validation for the ugw-restoreinfo method.

Original NVD description (English source)

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS