Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mbconnectline mymbconnect24 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2023-1779
Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.virtual in versions <=2.13.3 allow an authorized remote attacker with low privileges to view a limited amount of anoth...
Mbconnectline Mbconnect24
Mbconnectline Mymbconnect24
5.3
CVSSv3
CVE-2020-35570
An issue exists in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.11.2. An unauthenticated attacker is able to access files (that should have been restricted) via forceful browsing.
Mbconnectline Mbconnect24
Mbconnectline Mymbconnect24
Helmholz Myrex24.virtual
Helmholz Myrex24
6.5
CVSSv3
CVE-2020-35557
An issue in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 allows a logged in user to see devices in the account he should not have access to due to improper use of access validation.
Mbconnectline Mbconnect24
Mbconnectline Mymbconnect24
Helmholz Myrex24.virtual
Helmholz Myrex24
5.3
CVSSv3
CVE-2020-35561
An issue exists MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. There is an SSRF in the HA module allowing an unauthenticated malicious user to scan for open ports.
Mbconnectline Mbconnect24
Mbconnectline Mymbconnect24
Helmholz Myrex24.virtual
Helmholz Myrex24
4.3
CVSSv3
CVE-2020-35568
An issue exists in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. An incomplete filter applied to a database response allows an authenticated malicious user to gain non-public information about other users and ...
Mbconnectline Mbconnect24
Mbconnectline Mymbconnect24
Helmholz Myrex24.virtual
Helmholz Myrex24
4.3
CVSSv3
CVE-2023-4834
In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly implemented access validation allows an authenticated, low privileged malicious user to gain read access to limited, non-critical device information ...
Helmholz Myrex24
Helmholz Myrex24.virtual
Mbconnectline Mbconnect24
Mbconnectline Mymbconnect24
7.5
CVSSv3
CVE-2020-35558
An issue exists in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.11.2. There is an SSRF in the in the MySQL access check, allowing an malicious user to scan for open ports and gain some information about possible credent...
Mbconnectline Mbconnect24
Mbconnectline Mymbconnect24
Helmholz Myrex24.virtual
Helmholz Myrex24
5.3
CVSSv3
CVE-2020-35566
An issue exists in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. An attacker can read arbitrary JSON files via Local File Inclusion.
Mbconnectline Mbconnect24
Mbconnectline Mymbconnect24
Helmholz Myrex24.virtual
Helmholz Myrex24
5.3
CVSSv3
CVE-2022-22520
A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2.
Mbconnectline Mbconnect24
Mbconnectline Mymbconnect24
Helmholz Myrex24.virtual
Helmholz Myrex24
6.5
CVSSv3
CVE-2020-12527
An issue exists in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. Improper access validation allows a logged in user to shutdown or reboot devices in his account without having corresponding permissions.
Mbconnectline Mbconnect24
Mbconnectline Mymbconnect24
Helmholz Myrex24.virtual
Helmholz Myrex24
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »