The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.
History

Thu, 17 Oct 2024 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Helmholz rex 100
Mbconnectline
Mbconnectline mbnet.mini
Mbconnectline mbnet.mini Firmware
CPEs cpe:2.3:h:helmholz:rex_100:-:*:*:*:*:*:*:*
cpe:2.3:h:mbconnectline:mbnet.mini:-:*:*:*:*:*:*:*
cpe:2.3:o:helmholz:rex_100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbconnectline:mbnet.mini_firmware:*:*:*:*:*:*:*:*
Vendors & Products Helmholz rex 100
Mbconnectline
Mbconnectline mbnet.mini
Mbconnectline mbnet.mini Firmware

Tue, 15 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Helmholz
Helmholz rex 100 Firmware
Mb Connect Line
Mb Connect Line mbnet.mini
CPEs cpe:2.3:a:helmholz:rex_100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:mb_connect_line:mbnet.mini:*:*:*:*:*:*:*:*
Vendors & Products Helmholz
Helmholz rex 100 Firmware
Mb Connect Line
Mb Connect Line mbnet.mini
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 15 Oct 2024 10:45:00 +0000

Type Values Removed Values Added
Description The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.
Title MB connect line/Helmholz: Hardcoded user accounts with hard-coded passwords
Weaknesses CWE-798
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2024-10-15T10:28:37.223Z

Updated: 2024-10-16T17:39:58.106Z

Reserved: 2024-08-26T09:19:01.266Z

Link: CVE-2024-45275

cve-icon Vulnrichment

Updated: 2024-10-16T17:39:58.106Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-15T11:15:12.487

Modified: 2024-10-17T17:39:52.713

Link: CVE-2024-45275

cve-icon Redhat

No data.