• 1 (current)
  • 2

MB connect line: Multiple Vulnerabilities in mbNET.mini Product

Multiple vulnerabilities have been discovered in MB connect line mbNET.mini product allowing for RCE or unauthorized file access.


CVE-2024-45274: 9.8
CVE-2024-45275: 9.8
CVE-2024-45271: 8.4
CVE-2024-45273: 8.4
CVE-2024-45276: 7.5

MB connect line: Multiple Vulnerabilities in MB connect line Products

Multiple vulnerabilities have been discovered in MB connect line products that could allow RCE or unauthorized file access. CVE-2024-45272 affects the mbCONNECT24 and mymbCONNECT24 products, while CVE-2024-45273 affects the mbNET/mbNET.rokey, mbCONNECT24, mymbCONNECT24, mbNET HW1, and mbSPIDER products.


CVE-2024-45273: 8.4
CVE-2024-45272: 7.5

MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24

Two vulnerabilites have been discovered in mbCONNECT24 and mbCONNECT24 in all versions through 2.13.3.


CVE-2023-0985: 8.8
CVE-2023-1779: 4.3

MB connect line: Unauthenticated user enumeration in mbCONNECT24 and mymbCONNECT24

An issue was discovered in the mymbCONNECT24 and mbCONNECT24 software in all versions through V2.11.2.


CVE-2022-22520: 5.3

MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A)

Two issues have been discovered in mymbCONNECT24 and mbCONNECT24 in all versions
including V2.8.0.

Update A, 2022-09-07:

  • Updated affected versions (and solution) due to incomplete fixes in previous versions


CVE-2021-34575: 7.5
CVE-2021-34574: 4.3

MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A)

Multiple vulnerabilities have been found in mymbCONNECT24 and mbCONNECT24.

Update A, 2022-09-07:

  • Affected Products: updated affected versions due to incomplete fixes of some CVEs. See Solution for details.
  • Solution: updated version information.
  • Solution: Added Fix for CVE-2020-35561.
  • Solution: Added MFA remark for CVE-2020-35565.


CVE-2020-35565: 9.8
CVE-2020-10384: 7.8
CVE-2020-35567: 7.8
CVE-2020-12528: 7.7
CVE-2020-35558: 7.5
CVE-2020-35564: 7.5
CVE-2020-35557: 6.5
CVE-2020-12530: 6.1
CVE-2020-35569: 6.1
CVE-2020-35560: 6.1
CVE-2020-35563: 5.4
CVE-2020-35570: 5.3
CVE-2020-35561: 5.3
CVE-2020-12529: 5.3
CVE-2020-35566: 5.3
CVE-2020-12527: 4.3
CVE-2020-35568: 4.3
CVE-2020-35559: 4.3

MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24

An issue was discovered in the mymbCONNECT24 and mbCONNECT24 software in all versions through V2.9.0.


CVE-2021-34580: 7.5

MB connect line: Privilege escalation in mbDIALUP (Update B)

Multiple Vulnerabilities in mbConnect24serv (a software service of mbDIALUP) can lead to arbitrary code execution due to improper privilege management.

Update A, 2021-11-24

  • corrected fixed version in solution from 3.9R0.4 to 3.9R0.5

Update B, 2022-03-28

  • Updated CVSS score from CVE-2021-33527 from 7.8 to 9.8 due to new information about the vulnerability


CVE-2021-33527: 9.8
CVE-2021-33526: 7.8
  • 1 (current)
  • 2

Feeds

By Vendor

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Legend

(Scoring for CVSS 2.0,3.0+3.1)
None
No CVE available
Low
0.1 <= 3.9
Medium
4.0 <= 6.9
High
7.0 <= 8.9
Critical
9.0 <= 10.0