Filtered by vendor Mb Connect Line
Subscriptions
Filtered by product Mbnet.mini
Subscriptions
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-45271 | 4 Helmholz, Mb Connect Line, Mbconnectline and 1 more | 6 Rex 100, Rex 100 Firmware, Mbnet.mini and 3 more | 2024-10-21 | 8.4 High |
An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation. | ||||
CVE-2024-45273 | 3 Helmholz, Mb Connect Line, Mbconnectline | 35 Myrex24.virtual, Myrex24 V2, Myrex24 V2 Virtual Server and 32 more | 2024-10-17 | 8.4 High |
An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used. | ||||
CVE-2024-45274 | 3 Helmholz, Mb Connect Line, Mbconnectline | 5 Rex 100, Rex 100 Firmware, Mbnet.mini and 2 more | 2024-10-17 | 9.8 Critical |
An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication. | ||||
CVE-2024-45275 | 3 Helmholz, Mb Connect Line, Mbconnectline | 5 Rex 100, Rex 100 Firmware, Mbnet.mini and 2 more | 2024-10-17 | 9.8 Critical |
The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices. | ||||
CVE-2024-45276 | 3 Helmholz, Mb Connect Line, Mbconnectline | 5 Rex 100, Rex 100 Firmware, Mbnet.mini and 2 more | 2024-10-17 | 7.5 High |
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication. |
Page 1 of 1.