An issue exists in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.11.2. There is an SSRF in the in the MySQL access check, allowing an malicious user to scan for open ports and gain some information about possible credentials.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mbconnectline mbconnect24 |
||
mbconnectline mymbconnect24 |
||
helmholz myrex24.virtual |
||
helmholz myrex24 |