Volerion logoVolerion
Volerion logoVolerion

MBS Universal Gateways UGW-A-Series and UGW-X-Series Process Termination Vulnerability

Vulnerability

A vulnerability exists in the MBS Universal Gateways (UGW-A-Series and UGW-X-Series) web GUI, specifically in versions through V6_0_0_5. The issue allows remote attackers with user privileges to terminate arbitrary processes. This exploitation stems from inadequate validation of user-supplied input in several CGI methods, which could lead to unauthorized process termination, among other impacts.

Impact

Exploitation of this vulnerability could enable an authenticated attacker to terminate system processes on the affected UGW device.

Remediation

Users are advised to update to firmware version V6_0_0_7, available at the MBS Firmware Update page.

Added: Jun 3, 2026, 1:22 PM
Updated: Jun 3, 2026, 1:22 PM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
2.5
exploitability
5.2
remediation
0.0
relevance
9.9
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.