Lucene search
+L

135 matches found

CVE
CVE
added 2021/08/02 10:24 a.m.46 views

CVE-2021-34574

CVE-2021-34574 affects MB connect line products: mymbCONNECT24, mbCONNECT24, Helmholz myREX24 and myREX24.virtual up to version 2.11.2. An authenticated attacker can change their account password by intercepting and modifying the password-change request sent to the server, bypassing the password ...

4.3CVSS4.6AI score0.00659EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2021/08/02 12:0 a.m.5 views

PT-2021-20556 · Unknown · Mbconnect24 +2

Name of the Vulnerable Software and Affected Versions: mymbCONNECT24 versions through 2.11.2 mbCONNECT24 versions through 2.11.2 Helmholz myREX24 versions through 2.11.2 myREX24.virtual versions through 2.11.2 Description: An authenticated attacker can change the password of their account into a...

4.3CVSS4.6AI score0.00659EPSS
Exploits0References5
CNVD
CNVD
added 2021/03/16 12:0 a.m.21 views

MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 Cross-Site Scripting Vulnerability (CNVD-2021-56802)

MB CONNECT LINE mymbCONNECT24 is an internal remote maintenance solution for virtual environments from the German company MB CONNECT LINE Mb Connect Line. MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 are vulnerable to cross-site scripting. No detailed vulnerability details are currently availabl...

6.1CVSS1.7AI score0.0063EPSS
Exploits0References1
NVD
NVD
added 2021/03/02 10:15 p.m.29 views

CVE-2020-12527

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. Improper access validation allows a logged in user to shutdown or reboot devices in his account without having corresponding permissions...

6.8CVSS0.01006EPSS
Exploits0References2
NVD
NVD
added 2021/03/02 10:15 p.m.19 views

CVE-2020-12530

An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. There is an XSS issue in the redirect.php allowing an attacker to inject code via a get parameter...

6.1CVSS0.00624EPSS
Exploits0References1
NVD
NVD
added 2021/03/02 10:15 p.m.19 views

CVE-2020-12529

An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2 There is a SSRF in the LDAP access check, allowing an attacker to scan for open ports...

5.8CVSS0.00807EPSS
Exploits0References1
Prion
Prion
added 2021/03/02 10:15 p.m.18 views

Improper access control

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. Improper access validation allows a logged in user to shutdown or reboot devices in his account without having corresponding permissions...

6.8CVSS7AI score0.01006EPSS
Exploits0References2Affected Software4
Prion
Prion
added 2021/03/02 10:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2 There is a SSRF in the LDAP access check, allowing an attacker to scan for open ports...

5CVSS6.1AI score0.00807EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2021/03/02 9:15 p.m.52 views

CVE-2020-12530

MB Connect Line MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 (all versions up to 2.6.2) are affected by a cross-site scripting (XSS) vulnerability in redirect.php that lets an attacker inject code through a GET parameter. The issue is documented across NVD, CVE records, and related advisories, i...

6.1CVSS5.8AI score0.00624EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2021/03/02 9:15 p.m.43 views

CVE-2020-12528

The CVE-2020-12528 vulnerability affects MB connect line MB CONNECT LINE products mymbCONNECT24 and mbCONNECT24 up to version 2.6.2. It is caused by improper access validation that can allow a logged-in user to kill web2go sessions in an account they should not access. Public sources (CISA ICSA-2...

7.7CVSS7.3AI score0.00831EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2021/03/02 9:15 p.m.52 views

CVE-2020-12529

MB connect line MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 contain a Server-Side Request Forgery (SSRF) vulnerability in the LDAP access check (CVE-2020-12529) that can enable an attacker to scan for open ports. Affected: all versions up to 2.6.2. Root cause: SSRF in LDAP access validation. Im...

5.8CVSS5.1AI score0.00807EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2021/03/02 9:15 p.m.32 views

CVE-2020-12527 Improper Access Validation in products of MB connect line and Helmholz

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. Improper access validation allows a logged in user to shutdown or reboot devices in his account without having corresponding permissions...

6.5CVSS6.4AI score0.01006EPSS
Exploits0References2
CVE
CVE
added 2021/03/02 9:15 p.m.61 views

CVE-2020-12527

CVE-2020-12527 affects MB connect line products: mymbCONNECT24, mbCONNECT24, Helmholz myREX24, and myREX24.virtual (versions up to v2.11.2). The root cause is improper access validation that lets a logged-in user perform privileged actions (shutdown/reboot) on devices in their account without the...

6.8CVSS6.7AI score0.01006EPSS
Exploits0References2Affected Software2
CNNVD
CNNVD
added 2021/03/02 12:0 a.m.5 views

mymbCONNECT24 安全漏洞

Mb Connect Line MB CONNECT LINE mymbCONNECT24 is an in-house remote maintenance solution for virtual environments from MB CONNECT LINE Mb Connect Line, Germany. A security vulnerability exists in mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2, which stems from the improper...

7.7CVSS7.5AI score0.00831EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/03/02 12:0 a.m.5 views

MB CONNECT LINE mymbCONNECT24 跨站脚本漏洞

Mb Connect Line MB CONNECT LINE mymbCONNECT24 is an in-house remote maintenance solution for virtual environments from MB CONNECT LINE Mb Connect Line, Germany. A cross-site scripting vulnerability exists in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2,...

6.1CVSS6.1AI score0.00624EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/03/02 12:0 a.m.5 views

MB CONNECT LINE mymbCONNECT24e 代码问题漏洞

Mb Connect Line MB CONNECT LINE mymbCONNECT24 is an in-house remote maintenance solution for virtual environments from MB CONNECT LINE Mb Connect Line, Germany. A server-side request forgery vulnerability exists in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24, which can be exploited by a remote...

5.8CVSS6AI score0.00807EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/03/02 12:0 a.m.6 views

PT-2021-2244 · Helmholz +1 · Myrex24.Virtual +2

Name of the Vulnerable Software and Affected Versions: MB connect line mymbCONNECT24 versions through v2.11.2 mbCONNECT24 versions through v2.11.2 Helmholz myREX24 versions through v2.11.2 Helmholz myREX24.virtual versions through v2.11.2 Description: The issue is related to improper access...

7.5CVSS6.3AI score0.01006EPSS
Exploits0References10
CNVD
CNVD
added 2021/02/25 12:0 a.m.7 views

Unspecified vulnerability in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 (CNVD-2021-17234)

Mb Connect Line MB CONNECT LINE mymbCONNECT24 is an in-house remote maintenance solution for virtual environments from MB CONNECT LINE Mb Connect Line, Germany. A security vulnerability exists in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24, no details of the vulnerability are provided at this...

9.8CVSS7AI score0.01051EPSS
Exploits0References1
OSV
OSV
added 2021/02/16 4:15 p.m.7 views

CVE-2020-35565

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The login pages bruteforce detection is disabled by default...

9.8CVSS7.3AI score0.01051EPSS
Exploits0References2
NVD
NVD
added 2021/02/16 4:15 p.m.25 views

CVE-2020-35570

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. An unauthenticated attacker is able to access files that should have been restricted via forceful browsing...

5.3CVSS0.01249EPSS
Exploits0References3
Rows per page
Query Builder