Filtered by vendor Mb Connect Line
Subscriptions
Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-41679 | 2 Helmholz, Mb Connect Line | 2 Rex 100, Mbnet.mini | 2025-07-28 | 5.3 Medium |
| An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service. | ||||
| CVE-2025-41675 | 2 Helmholz, Mb Connect Line | 2 Rex 100, Mbnet.mini | 2025-07-22 | 7.2 High |
| A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command. | ||||
| CVE-2025-41677 | 2 Helmholz, Mb Connect Line | 2 Rex 100, Mbnet.mini | 2025-07-22 | 4.9 Medium |
| A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession. | ||||
| CVE-2025-41673 | 2 Helmholz, Mb Connect Line | 2 Rex 100, Mbnet.mini | 2025-07-22 | 7.2 High |
| A high privileged remote attacker can execute arbitrary system commands via POST requests in the send_sms action due to improper neutralization of special elements used in an OS command. | ||||
| CVE-2025-41676 | 2 Helmholz, Mb Connect Line | 2 Rex 100, Mbnet.mini | 2025-07-22 | 4.9 Medium |
| A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession. | ||||
| CVE-2024-45276 | 3 Helmholz, Mb Connect Line, Mbconnectline | 5 Rex 100, Rex 100 Firmware, Mbnet.mini and 2 more | 2025-01-24 | 7.5 High |
| An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication. | ||||
| CVE-2024-45275 | 3 Helmholz, Mb Connect Line, Mbconnectline | 5 Rex 100, Rex 100 Firmware, Mbnet.mini and 2 more | 2024-11-21 | 9.8 Critical |
| The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices. | ||||
| CVE-2024-45274 | 3 Helmholz, Mb Connect Line, Mbconnectline | 5 Rex 100, Rex 100 Firmware, Mbnet.mini and 2 more | 2024-11-21 | 9.8 Critical |
| An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication. | ||||
| CVE-2024-45273 | 3 Helmholz, Mb Connect Line, Mbconnectline | 35 Myrex24.virtual, Myrex24 V2, Myrex24 V2 Virtual Server and 32 more | 2024-11-21 | 8.4 High |
| An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used. | ||||
| CVE-2024-45271 | 4 Helmholz, Mb Connect Line, Mbconnectline and 1 more | 6 Rex 100, Rex 100 Firmware, Mbnet.mini and 3 more | 2024-11-21 | 8.4 High |
| An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation. | ||||
Page 1 of 1.