Description
An unauthenticated remote attacker can exploit a SQL injection vulnerability in the _mb24confi_getTagAlarm function of the dataapi.php file, caused by improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.
Published: 2026-05-27
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An unauthenticated remote attacker can exploit a SQL injection vulnerability in the _mb24confi_getTagAlarm function of dataapi.php. The flaw arises from improper neutralization of special characters (quotes, comment markers, SQL keywords) in caller-supplied input that is built into a SELECT statement, so the input changes the structure of the query instead of being compared as data. The attacker can thereby read the underlying database, leading to a total loss of confidentiality of the data stored by the system; the CVSS vector rates no impact on integrity or availability.
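To make the weakness concrete, here is an added example that is not code from the affected products, the vendor, or OpenCVE. It uses Python's sqlite3 module with a constructed in-memory schema (a hypothetical tag_alarm table and a users table standing in for whatever the product actually stores) to show why a SELECT built by string concatenation, the CWE-89 pattern named in the description, lets a single-row lookup turn into a dump of the whole database, and why a parameterized query does not:

```python
import sqlite3

# Constructed sample data for an in-memory SQLite database. The "tag_alarm" and
# "users" tables are hypothetical stand-ins; the affected product's schema is not
# public, and nothing here is taken from its code.
TAG_ALARMS = [
    (1, "pump_1", "high_pressure", "site-a"),
    (2, "pump_2", "low_level", "site-a"),
    (3, "valve_7", "stuck_open", "site-b"),
]
USERS = [
    (10, "admin", "hash_admin_placeholder"),
    (11, "operator", "hash_operator_placeholder"),
]


def make_db() -> sqlite3.Connection:
    """Build the constructed database fresh for each run."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE tag_alarm (id INTEGER, tag TEXT, alarm TEXT, tenant TEXT)")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, pw_hash TEXT)")
    conn.executemany("INSERT INTO tag_alarm VALUES (?, ?, ?, ?)", TAG_ALARMS)
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", USERS)
    return conn


def get_tag_alarm_vulnerable(conn: sqlite3.Connection, tag: str) -> list:
    """CWE-89 pattern: the caller-supplied value is spliced into the SELECT as
    text, so quotes and comment markers in it become part of the query."""
    sql = f"SELECT id, tag, alarm, tenant FROM tag_alarm WHERE tag = '{tag}'"
    return conn.execute(sql).fetchall()


def get_tag_alarm_fixed(conn: sqlite3.Connection, tag: str) -> list:
    """Parameterized query: the driver binds the value, which can only ever be
    compared as data, whatever characters it contains."""
    sql = "SELECT id, tag, alarm, tenant FROM tag_alarm WHERE tag = ?"
    return conn.execute(sql, (tag,)).fetchall()


# Two payload shapes that turn a one-row lookup into a database read. The first
# makes the WHERE clause always true; the second appends rows from another table.
# The trailing "--" comments out the closing quote the query template adds.
TAUTOLOGY = "' OR 1=1 --"
UNION_DUMP = "' UNION SELECT id, username, pw_hash, 'users' FROM users --"

if __name__ == "__main__":
    db = make_db()
    print(get_tag_alarm_vulnerable(db, "pump_1"))    # the one intended row
    print(get_tag_alarm_vulnerable(db, TAUTOLOGY))   # every tag_alarm row
    print(get_tag_alarm_vulnerable(db, UNION_DUMP))  # credential table appended
    print(get_tag_alarm_fixed(db, TAUTOLOGY))        # [] : treated as a literal tag name
```

The UNION payload only works because the attacker can match the column count of the original SELECT; against a real target that count is discovered by trial, which is why exploitation of a blind, unauthenticated SELECT injection is routinely automated.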

Affected Systems

Helmholz myREX24V2 and its virtual edition, as well as MB connect line mbCONNECT24 and mymbCONNECT24, running firmware version 2.20.0, are affected by this vulnerability.

Risk and Exploitability

The CVSS v4.0 base score of 8.7 (v3.1: 7.5) rates the flaw High: it is reachable over the network with low attack complexity and requires neither privileges nor user interaction, with high impact on confidentiality and none rated on integrity or availability. The EPSS estimate is below 1%, so the predicted probability of exploitation in the wild is currently very low, and the CVE is not listed in the CISA KEV catalog; the SSVC assessment likewise records no known exploitation but marks the flaw as automatable. Low predicted activity does not reduce the exposure of an individual installation: any attacker with network access to the dataapi.php endpoint can inject SQL through the vulnerable function and read data from the database.

Generated by OpenCVE AI on May 27, 2026 at 09:24 UTC.

Remediation

No vendor fix or workaround has been provided yet.

OpenCVE Recommended Actions

  • Apply the vendor firmware or software update that fixes the _mb24confi_getTagAlarm SQL injection as soon as one is published; at the time of writing none is available, and the affected release recorded here is 2.20.0.
  • Until then, restrict network access to the dataapi.php endpoint with firewall or network ACL rules that admit only trusted hosts, and confirm the portal is not reachable from untrusted networks or the internet.
  • Where the endpoint must stay exposed, place a Web Application Firewall or request-filtering rule in front of it to block SQL metacharacters and keywords in request parameters, and monitor its logs for injection attempts. Treat this as a compensating control only: signature filtering can be bypassed, and the durable fix is parameterized queries in the vendor code.

Generated by OpenCVE AI on May 27, 2026 at 09:24 UTC.
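As an added, runnable illustration of the two interim controls above (the network ACL and the request filtering), and not code from OpenCVE, the vendor, or the affected products, the following Python script triages constructed web-server access-log lines offline. It flags every request to dataapi.php that comes from outside an assumed trusted network, and every request parameter whose decoded value carries SQL-injection indicators. The log format (Common Log Format) and the query-string layout (func=..., tag=...) are assumptions made for the sample; the real request format of the product is not documented on this page, which is why the check keys on the dataapi.php path and on the content of any parameter value rather than on a specific parameter name.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Constructed sample access-log lines in Common Log Format. The query-string
# layout (func=..., tag=...) is an assumption for illustration only; these
# lines are not from any real system.
SAMPLE_LOG = """\
203.0.113.7 - - [27/May/2026:09:12:01 +0000] "GET /dataapi.php?func=_mb24confi_getTagAlarm&tag=pump_1 HTTP/1.1" 200 512
198.51.100.9 - - [27/May/2026:09:12:05 +0000] "GET /dataapi.php?func=_mb24confi_getTagAlarm&tag=%27%20OR%201%3D1%20--%20 HTTP/1.1" 200 48213
198.51.100.9 - - [27/May/2026:09:12:09 +0000] "GET /dataapi.php?func=_mb24confi_getTagAlarm&tag=x%27%20UNION%20SELECT%20NULL%2CNULL%20--%20 HTTP/1.1" 200 70121
192.0.2.5 - - [27/May/2026:09:13:00 +0000] "GET /index.php HTTP/1.1" 200 1200
"""

# Assumed trusted client networks; dataapi.php requests from anywhere else are flagged.
TRUSTED_NETS = [ipaddress.ip_network("203.0.113.0/24")]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r"(?P<status>\d{3}) (?P<size>\d+|-)$"
)

# Indicators, evaluated on the decoded parameter value, of injection into a SELECT.
SQLI_PATTERNS = [
    ("quote_comment", re.compile(r"'.*(--|#|/\*)", re.S)),          # quote then comment-out
    ("union_select", re.compile(r"\bunion\b.*\bselect\b", re.I | re.S)),
    ("tautology", re.compile(r"\b(or|and)\b\s*\S+\s*=\s*\S+", re.I)),  # OR 1=1
    ("stacked", re.compile(r";\s*(select|insert|update|delete|drop)\b", re.I)),
]


def parse_line(line: str):
    """Split one CLF line into fields; return None for lines that do not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    rec["params"] = parse_qsl(parts.query, keep_blank_values=True)
    return rec


def sqli_indicators(value: str) -> list:
    """Names of the SQLI_PATTERNS that match the (additionally decoded) value."""
    decoded = unquote_plus(value)  # parse_qsl decoded once; catch double-encoding too
    return [name for name, rx in SQLI_PATTERNS if rx.search(decoded)]


def is_trusted(ip: str, nets) -> bool:
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in nets)


def analyze(log_text: str, trusted_nets=TRUSTED_NETS, endpoint="/dataapi.php") -> list:
    """Return one finding per suspicious request to the endpoint."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        rec = parse_line(line)
        if rec is None or rec["path"] != endpoint:
            continue
        reasons = []
        if not is_trusted(rec["ip"], trusted_nets):
            reasons.append("untrusted_source")
        for key, value in rec["params"]:
            for name in sqli_indicators(value):
                reasons.append(f"sqli:{name}:{key}")
        if reasons:
            findings.append({"line": lineno, "ip": rec["ip"], "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(finding)
```

The same pattern list is what a WAF rule would carry; the script shows its limits as well as its use, since a value such as a legitimate tag name containing a quote would also be flagged, and encodings or keyword variants the patterns do not cover would pass. That is why the source-network check, not the signature match, is the control to rely on until the vendor fix is applied.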

Advisories

No advisories yet.

History

Wed, 27 May 2026 13:30:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc
{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 27 May 2026 08:00:00 +0000

Type: Description
Values Removed: (none)
Values Added: An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dataapi.php files _mb24confi_getTagAlarm function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

Type: Title
Values Removed: (none)
Values Added: Unauthenticated SQLi in _mb24confi_getTagAlarm function

Type: First Time appeared
Values Removed: (none)
Values Added:
  Helmholz
  Helmholz myrex24v2
  Helmholz myrex24v2.virtual
  Helmholz myrex24v2virtual
  Mb Connect Line
  Mb Connect Line mbconnect24
  Mb Connect Line mymbconnect24

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-89

Type: CPEs
Values Removed: (none)
Values Added:
  cpe:2.3:a:helmholz:myrex24v2.virtual:*:*:*:*:*:*:*:*
  cpe:2.3:a:helmholz:myrex24v2:*:*:*:*:*:*:*:*
  cpe:2.3:a:mb_connect_line:mbconnect24:*:*:*:*:*:*:*:*
  cpe:2.3:a:mb_connect_line:mymbconnect24:*:*:*:*:*:*:*:*
  cpe:2.3:o:helmholz:myrex24v2:2.20.0:*:*:*:*:*:*:*
  cpe:2.3:o:helmholz:myrex24v2virtual:2.20.0:*:*:*:*:*:*:*
  cpe:2.3:o:mb_connect_line:mbconnect24:2.20.0:*:*:*:*:*:*:*
  cpe:2.3:o:mb_connect_line:mymbconnect24:2.20.0:*:*:*:*:*:*:*

Type: Vendors & Products
Values Removed: (none)
Values Added:
  Helmholz
  Helmholz myrex24v2
  Helmholz myrex24v2.virtual
  Helmholz myrex24v2virtual
  Mb Connect Line
  Mb Connect Line mbconnect24
  Mb Connect Line mymbconnect24

Type: References
Values Removed: (none)
Values Added: (none)

Type: Metrics
Values Removed: (none)
Values Added:
  cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}
  cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published:

Updated: 2026-05-27T12:02:55.853Z

Reserved: 2026-04-15T09:33:02.610Z

Link: CVE-2026-40814

Vulnrichment

Updated: 2026-05-27T12:02:50.630Z

NVD

Status : Received

Published: 2026-05-27T08:16:41.777

Modified: 2026-05-27T08:16:41.777

Link: CVE-2026-40814

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-27T09:30:27Z

Weaknesses