CVE-2026-2752
Information Disclosure via Unhandled Exception in Navtor NavBox API
Publication date: 2026-03-06
Last updated on: 2026-03-10
Assigner: MHV
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| navtor | navbox | From 4.16.2.4 (exc) |
| navtor | navbox | 4.16.2.4 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-209 | The product generates an error message that includes sensitive information about its environment, users, or associated data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-2752 is a vulnerability in Navtor NavBox that allows remote, unauthenticated attackers to send specially crafted requests to the /api/ais-data endpoint. This triggers an unhandled exception causing the server to return detailed .NET stack traces. These error messages expose internal class names, method calls, and third-party library references, which can help attackers understand the internal structure of the application.
Additionally, this vulnerability allows attackers to access exposed HTTP API endpoints without authentication, retrieving unencrypted JSON objects containing sensitive information such as environmental data, configuration parameters, operational telemetry, and service status.
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized disclosure of sensitive information about the vesselβs internal network and maritime Industrial Control Systems/Operational Technology (ICS/OT) environment. Attackers gaining this insight may use it to plan further attacks or disrupt maritime cybersecurity.
The exposure of detailed internal application data and operational telemetry can compromise confidentiality, potentially leading to security breaches or operational disruptions.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending crafted HTTP requests to the /api/ais-data endpoint of the Navtor NavBox system and observing the server's response.
If the server returns verbose .NET stack traces containing internal class names, method calls, or third-party library references, it indicates the presence of the vulnerability.
A simple command to test this could be using curl to send a request and check the response for error stack traces.
- curl -v http://<navbox-ip-or-hostname>/api/ais-data
If the response contains detailed .NET exception stack traces or sensitive internal information, the system is vulnerable.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves updating the Navtor NavBox software to a patched version.
NAVTOR has addressed this vulnerability in NavBox version 4.16.2.4 and later, which include patches to prevent unauthenticated access to sensitive API endpoints.
Until the update can be applied, restrict network access to the NavBox system, especially blocking external or untrusted sources from accessing the /api/ais-data endpoint.
Implement network-level controls such as firewalls or access control lists (ACLs) to limit exposure.