CWE hub
This hub groups CVEs that NVD maps to CWE-1242, so you can review recent disclosures, common vendors, and related weakness patterns in one place.
Mapped CVEs
4
Records currently returned for this weakness id.
Top vendor
mbs-solutions
2 mapped CVEs in the aggregate scan.
Top product
universal bacnet router firmware
2 mapped CVEs in the aggregate scan.
KEV on page
0
Visible rows already present in the CISA KEV catalog.
Top products
Related CWEs
No co-occurring CWE mappings were surfaced in the aggregate scan.
Search results
Showing 1-4 of 4 vulnerabilities.
In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, integrity and availability.
Affected vendor
Structured metadata unavailable
Affected product
Product metadata unavailable
Coverage
No structured product entries
CVSS
8.8
HIGH
Published
Apr 16, 2026
A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to write arbitrary files on the system.
Affected vendor
mbs-solutionsAffected product
universal bacnet router firmwareCoverage
Single affected product entry
CVSS
8.1
HIGH
Published
Mar 9, 2026
A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to read arbitrary files on the system.
Affected vendor
mbs-solutionsAffected product
universal bacnet router firmwareCoverage
Single affected product entry
CVSS
6.5
MEDIUM
Published
Mar 9, 2026
Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box.
Affected vendor
Structured metadata unavailable
Affected product
Product metadata unavailable
Coverage
No structured product entries
CVSS
8.7
HIGH
Published
Jan 30, 2026
