CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45276 – MB connect line/Helmholz: tmp directory exposed via webservice
https://notcve.org/view.php?id=CVE-2024-45276
15 Oct 2024 — An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication. Un atacante remoto no autenticado puede obtener acceso de lectura a los archivos en el directorio "/tmp" debido a la falta de autenticación. • https://cert.vde.com/en/advisories/VDE-2024-056 • CWE-306: Missing Authentication for Critical Function CWE-552: Files or Directories Accessible to External Parties •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45275 – MB connect line/Helmholz: Hardcoded user accounts with hard-coded passwords
https://notcve.org/view.php?id=CVE-2024-45275
15 Oct 2024 — The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices. Los dispositivos contienen dos cuentas de usuario codificadas con contraseñas codificadas que permiten a un atacante remoto no autenticado tener control total de los dispositivos afectados. • https://cert.vde.com/en/advisories/VDE-2024-056 • CWE-798: Use of Hard-coded Credentials •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45274 – MB connect line/Helmholz: Remote code execution via confnet service
https://notcve.org/view.php?id=CVE-2024-45274
15 Oct 2024 — An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication. Un atacante remoto no autenticado puede ejecutar comandos del sistema operativo a través de UDP en el dispositivo debido a la falta de autenticación. • https://cert.vde.com/en/advisories/VDE-2024-056 • CWE-306: Missing Authentication for Critical Function •
CVSS: 8.4EPSS: 0%CPEs: 11EXPL: 0CVE-2024-45273 – MB connect line/Helmholz: Weak encryption of configuration file
https://notcve.org/view.php?id=CVE-2024-45273
15 Oct 2024 — An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used. Un atacante local no autenticado puede descifrar el archivo de configuración del dispositivo y, por lo tanto, comprometer el dispositivo debido a una implementación débil del cifrado utilizado. • https://cert.vde.com/en/advisories/VDE-2024-056 • CWE-261: Weak Encoding for Password •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-45272 – MB connect line/Helmholz: Generation of weak passwords vulnerability
https://notcve.org/view.php?id=CVE-2024-45272
15 Oct 2024 — An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost. Un atacante remoto no autenticado puede realizar un ataque de fuerza bruta a las credenciales del portal de servicio remoto con una alta probabilidad de éxito, lo que da como resultado la pérdida de la conexión. • https://cert.vde.com/en/advisories/VDE-2024-068 • CWE-1391: Use of Weak Credentials •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45271 – MB connect line/Helmholz: Remote code execution due to improper input validation
https://notcve.org/view.php?id=CVE-2024-45271
15 Oct 2024 — An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation. Un atacante local no autenticado puede obtener privilegios de administrador al implementar un archivo de configuración debido a una validación de entrada incorrecta. • https://cert.vde.com/en/advisories/VDE-2024-056 • CWE-20: Improper Input Validation CWE-116: Improper Encoding or Escaping of Output •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 1CVE-2024-5672 – Red Lion Europe: mbNET.mini vulnerable to OS command injection
https://notcve.org/view.php?id=CVE-2024-5672
03 Jul 2024 — A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command. A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command. Helmholz Industrial Router REX100 and MBConnectline mbNET.mini versions 2.2.11 and below suffer from a command injection vulnerability. • https://packetstorm.news/files/id/179369 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4834
https://notcve.org/view.php?id=CVE-2023-4834
16 Oct 2023 — In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly implemented access validation allows an authenticated, low privileged attacker to gain read access to limited, non-critical device information in his account he should not have access to. En Red Lion Europe mbCONNECT24 y mymbCONNECT24 y Helmholz myREX24 y myREX24.virtual hasta la versión 2.14.2 incluida, una validación de acceso implementada incorrectamente permite a un atacante... • https://cert.vde.com/en/advisories/VDE-2023-041 • CWE-269: Improper Privilege Management •
CVSS: 5.4EPSS: 0%CPEs: 34EXPL: 0CVE-2023-34412 – Stored XXS vulnerability in mbnet, mbnet.rokey, REX 200 and REX 250
https://notcve.org/view.php?id=CVE-2023-34412
17 Aug 2023 — A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS). A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS). • https://cert.vde.com/en/advisories/VDE-2023-012 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22520 – User enumeration vulnerability in MB connect line and Helmholz products
https://notcve.org/view.php?id=CVE-2022-22520
14 Sep 2022 — A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. Un atacante remoto no autenticado puede enumerar usuarios válidos mediante el envío de peticiones específicas al webservice de la línea de conexión MB mymbCONNECT24, mbCONNECT24 y Helmholz myREX24 y myREX24.virtual en todas las versiones hasta v2.11.2 • https://cert.vde.com/en/advisories/VDE-2022-011 • CWE-204: Observable Response Discrepancy •