Myrex24.virtual Security Vulnerabilities and Issues — Myrex24.virtual CVE List

Lucene search

HelmholzMyrex24.virtual

4 matches found

CVE•added 2022/09/14 2:15 p.m.•53 views

CVE-2022-22520

A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2.

5.3CVSS5.3AI score0.00221EPSS

CVE•added 2021/02/16 4:15 p.m.•46 views

CVE-2020-35566

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. An attacker can read arbitrary JSON files via Local File Inclusion.

5.3CVSS5.7AI score0.00411EPSS

CVE•added 2021/02/16 4:15 p.m.•41 views

CVE-2020-35570

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. An unauthenticated attacker is able to access files (that should have been restricted) via forceful browsing.

5.3CVSS5.9AI score0.01214EPSS

CVE•added 2021/02/16 4:15 p.m.•35 views

CVE-2020-35561

An issue was discovered MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. There is an SSRF in the HA module allowing an unauthenticated attacker to scan for open ports.

5.3CVSS5.7AI score0.01214EPSS