CVE Catalog
CVE-2026-35080
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk0.37%
29th percentile - higher than 29% of all known CVEs
Summary
The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.
Risk Assessment
An attacker can delete critical system files, leading to service disruption or complete system unavailability.
Recommendation
Immediately update the software to a patched version and implement strict input validation for the ugw-restoreinfo method.
Original NVD description (English source)
The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

