VDE-2024-010
Aug. 27, 2025, 12:00 PM
The data24 service that is bundled with every installation of mbCONNECT24/mymbCONNECT24 has two serious flaws in core components. These combined can lead to a complete loss of confidentiality, integrity and …
VDE-2024-056
Aug. 27, 2025, 12:00 PM
Multiple vulnerabilities have been discovered in MB connect line mbNET.mini product allowing for RCE or unauthorized file access.
VDE-2024-068
March 6, 2026, 9:00 AM
Multiple vulnerabilities have been discovered in MB connect line products that could allow RCE or unauthorized file access. CVE-2024-45272 affects the mbCONNECT24 and mymbCONNECT24 products. CVE-2024-45273 affects the mbNET/mbNET.rokey, mbCONNECT24, …
VDE-2024-030
July 3, 2024, 11:00 AM
There exists a vulnerability in all mbNET.mini devices with firmware <= 2.2.11 that allows an authenticated attacker to execute arbitrary system commands via GET requests. Update: 03.07.2024 3:30 pm …
VDE-2023-041
Oct. 16, 2023, 10:38 AM
In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly implemented access validation allows an authenticated, low privileged attacker to gain …
VDE-2023-012
Aug. 17, 2023, 2:00 PM
A stored XXS vulnerability has been found in mbNET and mbNET/.rokey in all versions before 7.3.2.
VDE-2024-042
Aug. 17, 2023, 2:00 PM
Several Red Lion Europe products are vulnerable to a possible race condition vulnerability in OpenSSH named "regreSSHion".
VDE-2023-002
May 14, 2025, 3:00 PM
Two vulnerabilites have been discovered in mbCONNECT24 and mbCONNECT24 in all versions through 2.13.3.