Ubee EVW3226 Unauthenticated Backup File Disclosure
CVE-2016-15056

8.7HIGH

Key Information:

Vendor

Ubee Interactive

Status
Ubee Evw3226
Vendor
CVE Published:
14 November 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2016-15056?

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can request 'Configuration_file.cfg' directly to obtain the backup archive. Because backup files are not encrypted, they expose sensitive information including the plaintext admin password, allowing full compromise of the device.

Affected Version(s)

Ubee EVW3226 0 <= 1.0.20

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2016-15056 - Proof of Concept

CVE-2016-15056 - Proof of Concept

CVE-2016-15056 - Proof of Concept

References

https://www.exploit-db.com/exploits/40156
exploit
https://seclists.org/fulldisclosure/2016/Jul/66
exploit
https://web.archive.org/web/20160726145043/http://www.sea...
technical-descriptionexploit

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Gergely Eberhardt of Search-Lab.hu
JSON
.
CVE-2016-15056 : Backup File Exposure in Ubee EVW3226 Cable Modem/Routers