Multiple Software Vulnerabilities Discovered in Underlying Web GUI Firmware
MBS GmbH has issued an urgent security notice for its industrial communication appliances. Several critical flaws in the MBS Universal Gateway expose smart-building perimeters to unauthenticated takeover of the underlying infrastructure. The configuration and coding defects affect multiple active product lines running firmware version V6_0_0_5 and earlier. Because attackers can exploit these gaps to obtain root control of the device, defensive teams must patch immediately. Updating the gateways promptly is therefore the primary step in protecting the corporate networks behind them.
High Severity Default Password Exposure
The single most critical issue is tracked as CVE-2026-35075. It stems from a default password hard-coded into the firmware and carries a CVSS score of 9.8. The advisory explains that an unauthenticated remote attacker can recover this default password from a firmware image. An anonymous attacker can then use the known secret to obtain full administrative access to any affected device.
Exploiting Stack Buffer Overflow Bugs
Independent security researchers also uncovered three critical stack buffer overflow bugs in the internal web configuration utilities. Tracked as CVE-2026-35085, CVE-2026-35084, and CVE-2026-35083, each carries a CVSS score of 8.8. The vulnerabilities reside in endpoints such as gdv-serverconfig and dali-devconfig. A remote attacker who already holds user-level credentials can trigger one of these overflows to gain full system access as root. An accompanying path traversal vulnerability additionally allows unauthorized users to read confidential log files from the device.
Severe Arbitrary File Deletion Risks
Multiple CGI execution paths also fail to enforce proper boundary checks on user-supplied parameters. Five distinct input validation flaws of this kind are tracked separately. They allow authenticated users to delete arbitrary files in local directories. Because the affected devices control building automation, these flaws can cause lasting service disruption. Strict segmentation of the automation environment from other networks remains an essential practice for security teams.
Recommended Remediation Steps
Neutralizing these MBS Universal Gateway flaws requires immediate maintenance action. Building managers should update all affected products to firmware version V6_0_0_7 right away. Continuous monitoring of the device configuration files for unexpected changes also helps prevent threat actors from maintaining an unauthorized presence inside the network perimeter.
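As an added example (not part of the MBS advisory or this report), the following Python triage script applies the advisory's two version thresholds to a fleet inventory: firmware V6_0_0_5 and earlier is affected, V6_0_0_7 is fixed, and anything in between or unparseable is flagged for manual review rather than silently assumed safe. The inventory, hostnames and version strings are constructed sample data.

```python
"""Triage MBS Universal Gateway firmware versions against the advisory thresholds."""
import re
from typing import Dict, List, Optional, Tuple

# Version strings use the advisory's V<major>_<minor>_<patch>_<build> layout.
VERSION_RE = re.compile(r"^V(\d+)_(\d+)_(\d+)_(\d+)$", re.IGNORECASE)

LAST_AFFECTED = "V6_0_0_5"  # advisory: this version and earlier are affected
FIXED = "V6_0_0_7"          # advisory: vendor fix


def parse_version(text: str) -> Optional[Tuple[int, ...]]:
    """Return a comparable int tuple, or None if the string is not in V6_0_0_5 form."""
    match = VERSION_RE.match(text.strip())
    if not match:
        return None
    return tuple(int(part) for part in match.groups())


def classify(version: str) -> str:
    """Map one firmware string to 'update_required', 'fixed' or 'review'."""
    parsed = parse_version(version)
    if parsed is None:
        return "review"  # unparseable: never assume safe
    if parsed <= parse_version(LAST_AFFECTED):
        return "update_required"
    if parsed >= parse_version(FIXED):
        return "fixed"
    # e.g. V6_0_0_6: not covered by the advisory text, so check with the vendor
    return "review"


def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Group hostnames by remediation status."""
    groups: Dict[str, List[str]] = {"update_required": [], "fixed": [], "review": []}
    for host, version in inventory.items():
        groups[classify(version)].append(host)
    return groups


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = {
    "gw-lobby-01": "V6_0_0_5",
    "gw-plant-02": "V5_9_2_1",
    "gw-hvac-03": "V6_0_0_7",
    "gw-hvac-04": "V6_0_0_6",
    "gw-dali-05": "6.0.0.5",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```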