Mbnet.mini Firmware Security Vulnerabilities and Issues — Mbnet.mini Firmware CVE List

Lucene search

MbconnectlineMbnet.mini Firmware

5 matches found

CVE•added 2024/10/15 11:15 a.m.•60 views

CVE-2024-45274

An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication.

9.8CVSS9.8AI score0.00543EPSS

CVE•added 2024/10/15 11:15 a.m.•58 views

CVE-2024-45275

The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.

9.8CVSS9.8AI score0.00436EPSS

CVE•added 2024/10/15 11:15 a.m.•43 views

CVE-2024-45273

An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.

8.4CVSS8AI score0.0002EPSS

CVE•added 2024/10/15 11:15 a.m.•43 views

CVE-2024-45276

An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication.

7.5CVSS7.4AI score0.00353EPSS

CVE•added 2024/10/15 11:15 a.m.•42 views

CVE-2024-45271

An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation.

8.4CVSS8.1AI score0.00036EPSS