• 1
  • 2 (current)

MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A)

Multiple vulnerabilities have been found in mymbCONNECT24 and mbCONNECT24.

Update A, 2022-09-07:

  • Affected Products: updated affected versions due to incomplete fixes of some CVEs. See Solution for details.
  • Solution: updated version information.
  • Solution: Added Fix for CVE-2020-35561.
  • Solution: Added MFA remark for CVE-2020-35565.


CVE-2020-35565: 9.8
CVE-2020-10384: 7.8
CVE-2020-35567: 7.8
CVE-2020-12528: 7.7
CVE-2020-35558: 7.5
CVE-2020-35564: 7.5
CVE-2020-35557: 6.5
CVE-2020-12530: 6.1
CVE-2020-35569: 6.1
CVE-2020-35560: 6.1
CVE-2020-35563: 5.4
CVE-2020-35570: 5.3
CVE-2020-35561: 5.3
CVE-2020-12529: 5.3
CVE-2020-35566: 5.3
CVE-2020-12527: 4.3
CVE-2020-35568: 4.3
CVE-2020-35559: 4.3

MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24

An issue was discovered in the mymbCONNECT24 and mbCONNECT24 software in all versions through V2.9.0.


CVE-2021-34580: 7.5

MB connect line: Privilege escalation in mbDIALUP (Update B)

Multiple Vulnerabilities in mbConnect24serv (a software service of mbDIALUP) can lead to arbitrary code execution due to improper privilege management.

Update A, 2021-11-24

  • corrected fixed version in solution from 3.9R0.4 to 3.9R0.5

Update B, 2022-03-28

  • Updated CVSS score from CVE-2021-33527 from 7.8 to 9.8 due to new information about the vulnerability


CVE-2021-33527: 9.8
CVE-2021-33526: 7.8

MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24, mymbCONNECT24 <= 2.8.0

Two vulnerabilities in mbCONNECT24 and mymbCONNECT24 can lead to information disclosure and arbitrary code execution.

Please consult the CVE entries for details.


CVE-2020-9498: 6.7
CVE-2020-9497: 4.4

MB connect line: multiple products partially affected by DNSpooq

Multiple issues have been identified in dnsmasq < 2.83


CVE-2020-25684: 3.7
CVE-2020-25685: 3.7
CVE-2020-25686: 3.7

MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1

Multiples issues exist in mymbCONNECT24 and mbCONNECT24


CVE-2020-24568: 6.5
CVE-2020-24570: 6.5
CVE-2020-24569: 4.3
  • 1
  • 2 (current)

Feeds

By Vendor

Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017

Legend

(Scoring for CVSS 2.0,3.0+3.1)
None
No CVE available
Low
0.1 <= 3.9
Medium
4.0 <= 6.9
High
7.0 <= 8.9
Critical
9.0 <= 10.0