CVE-2025-41757: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in MBS UBR-01 Mk II
A low-privileged remote attacker can abuse the backup restore functionality of UBR (ubr-restore) which runs with elevated privileges and does not validate the contents of the backup archive to create or overwrite arbitrary files anywhere on the system.
AI Analysis
Technical Summary
CVE-2025-41757 is a path traversal vulnerability classified under CWE-22 affecting the MBS UBR-01 Mk II device. The vulnerability arises from the backup restore functionality (ubr-restore) which operates with elevated privileges but fails to properly validate the contents of backup archives. This improper limitation of pathname access allows a remote attacker with low privileges to craft malicious backup archives that, when restored, can create or overwrite arbitrary files anywhere on the system filesystem. Since the restore process runs with elevated privileges, this can lead to unauthorized modification of critical system files, potentially enabling remote code execution, privilege escalation, or system disruption. The vulnerability is remotely exploitable without user interaction and requires only low privileges, making it highly accessible to attackers. The CVSS 3.1 base score of 8.8 reflects its high impact on confidentiality, integrity, and availability, with network attack vector, low attack complexity, and no user interaction required. Although no public exploits are currently known, the vulnerability poses a significant risk to organizations relying on this product for backup and restore operations. The lack of available patches increases the urgency for mitigation. The vulnerability was reserved in April 2025 and published in March 2026, indicating recent discovery and disclosure. The affected version is listed as 0.0.0, which likely denotes all current versions or an unspecified version, suggesting widespread exposure. This vulnerability highlights the critical need for secure handling of backup data and strict validation of file paths to prevent directory traversal attacks in privileged processes.
Potential Impact
The impact of CVE-2025-41757 is severe for organizations using the MBS UBR-01 Mk II backup device. Exploitation allows attackers to overwrite or create arbitrary files with elevated privileges, potentially leading to full system compromise. This can result in unauthorized disclosure of sensitive data (confidentiality breach), alteration or destruction of critical system files (integrity breach), and disruption of backup and restore operations or system availability (availability breach). Attackers could implant backdoors, disable security controls, or corrupt backups, severely undermining business continuity and disaster recovery capabilities. Given the remote exploitability and low privilege requirement, threat actors could leverage this vulnerability to pivot within networks, escalate privileges, and move laterally. Critical infrastructure, government agencies, and enterprises relying on this product for backup integrity are particularly at risk. The absence of known exploits currently provides a window for proactive defense, but the high CVSS score and ease of exploitation indicate that attackers may develop exploits rapidly. The vulnerability could also be leveraged in targeted attacks or ransomware campaigns to maximize damage.
Mitigation Recommendations
- Organizations should immediately assess their deployment of MBS UBR-01 Mk II devices and restrict network access to the backup restore functionality to trusted administrators only.
- Implement network segmentation and firewall rules to limit exposure of the restore service to untrusted networks.
- Monitor logs for unusual restore operations or unexpected file modifications.
- Until a vendor patch is available, consider disabling the backup restore feature if feasible or applying compensating controls such as application-layer filtering or sandboxing restore operations.
- Validate and verify backup archives from trusted sources only, and avoid restoring backups from unverified or external origins.
- Employ host-based intrusion detection systems (HIDS) to detect unauthorized file changes.
- Engage with the vendor for timely patch releases and apply updates as soon as they become available.
- Conduct regular security audits and penetration tests focusing on backup and restore processes.
- Educate administrators on the risks of improper backup handling and enforce strict access controls and authentication mechanisms for backup management interfaces.
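The archive validation recommended above, and the path validation the technical summary calls for, can be done as a pre-restore audit. The following is an added example, not vendor or ubr-restore code: the page does not state the backup format, so a tar archive is assumed, and `audit_backup`, `build_sample` and the `/restore` root are hypothetical names.

```python
import io
import posixpath
import tarfile

def _escapes(root: str, path: str) -> bool:
    """True if `path`, resolved lexically under `root`, ends up outside `root`."""
    resolved = posixpath.normpath(posixpath.join(root, path))
    return resolved != root and not resolved.startswith(root.rstrip("/") + "/")

def audit_backup(fileobj, root: str = "/restore") -> list:
    """Return (member name, reason) for each entry that is unsafe to restore."""
    findings = []
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for m in tar:
            # Symlink targets are relative to the link's directory,
            # hardlink targets to the archive root.
            link_base = posixpath.dirname(m.name) if m.issym() else ""
            if m.name.startswith("/") or ".." in m.name.split("/"):
                findings.append((m.name, "path leaves restore root"))
            elif (m.issym() or m.islnk()) and _escapes(
                    root, posixpath.join(link_base, m.linkname)):
                findings.append((m.name, "link target leaves restore root"))
            elif not (m.isfile() or m.isdir() or m.issym() or m.islnk()):
                findings.append((m.name, "special file"))
    return findings

def build_sample() -> io.BytesIO:
    """Constructed archive: two safe entries and three that must be rejected."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in ("config/settings.ini", "../outside.txt", "/abs/outside.txt"):
            info = tarfile.TarInfo(name)
            info.size = len(b"constructed\n")
            tar.addfile(info, io.BytesIO(b"constructed\n"))
        for name, target in (("config/current", "settings.ini"),
                             ("config/link", "../../outside")):
            link = tarfile.TarInfo(name)
            link.type, link.linkname = tarfile.SYMTYPE, target
            tar.addfile(link)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for name, reason in audit_backup(build_sample()):
        print(f"REJECT {name}: {reason}")
```

This is a lexical check on the archive listing; the restore step itself should still refuse to write through symlinks, for example by extracting with Python's `tarfile` `filter="data"` option.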
Affected Countries
United States, Germany, United Kingdom, France, Japan, South Korea, Canada, Australia, Netherlands, Singapore
Technical Details
- Data Version: 5.2
- Assigner Short Name: CERTVDE
- Date Reserved: 2025-04-16T11:18:45.760Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69ae86d72904315ca3e5dbe2
Added to database: 3/9/2026, 8:37:43 AM
Last enriched: 3/9/2026, 8:53:45 AM
Last updated: 3/12/2026, 1:49:03 AM