CVE-2026-2752 is a vulnerability classified under CWE-209, which involves the generation of error messages containing sensitive information. The affected product, Navtor NavBox version 4.12.0.3, exposes detailed .NET stack traces through its /api/ais-data endpoint when it encounters unhandled exceptions triggered by specially crafted requests. These verbose error messages reveal internal implementation details such as class names, method calls, and references to third-party libraries like System.Data.SQLite. This information disclosure can assist attackers in understanding the internal architecture of the application, potentially enabling more targeted and effective attacks such as code injection, privilege escalation, or further exploitation of other vulnerabilities. The vulnerability requires no authentication or user interaction and can be exploited remotely over the network. Although the vulnerability does not directly compromise data integrity or system availability, the leakage of internal details increases the attack surface and risk profile of the affected system. No known exploits have been reported in the wild, and no official patches are currently available, highlighting the need for proactive mitigation. NavBox is a maritime navigation solution, so the affected systems are likely deployed on vessels and maritime operations centers, making the maritime industry the primary sector at risk.

The primary impact of CVE-2026-2752 is information disclosure, which can aid attackers in reconnaissance and planning of subsequent attacks. By revealing internal class names, method calls, and third-party library usage, attackers gain insights into the application’s structure and potential weak points. This can lead to more effective exploitation of other vulnerabilities or development of custom exploits. While the vulnerability does not directly affect data integrity or availability, the increased knowledge available to attackers raises the overall risk to affected systems. For organizations relying on NavBox for maritime navigation and situational awareness, exploitation could indirectly compromise operational security by facilitating unauthorized access or manipulation in follow-up attacks. Given the remote and unauthenticated nature of the exploit, the threat is accessible to a wide range of adversaries, including opportunistic attackers. The lack of known exploits in the wild currently limits immediate risk, but the exposure of sensitive information remains a significant concern, especially for critical maritime infrastructure and operations.

1. Implement proper error handling and logging: Configure NavBox to avoid returning verbose error messages to clients. Instead, log detailed errors internally and return generic error responses to external requests. 2. Apply input validation and sanitization: Ensure that inputs to the /api/ais-data endpoint are strictly validated to prevent triggering unhandled exceptions. 3. Monitor network traffic for unusual or malformed requests targeting the /api/ais-data endpoint to detect potential exploitation attempts. 4. Restrict access to the NavBox API endpoints using network segmentation, firewalls, or VPNs to limit exposure to trusted users and systems only. 5. Engage with Navtor for official patches or updates addressing this vulnerability and apply them promptly once available. 6. Conduct regular security assessments and penetration testing focused on error handling and information leakage to identify and remediate similar issues proactively. 7. Educate operational staff about the risks of information disclosure and encourage reporting of suspicious system behaviors.