Mymbconnect24 Security Vulnerabilities and Issues — Mymbconnect24 CVE List

Lucene search

MbconnectlineMymbconnect24

4 matches found

CVE•added 2020/04/14 5:15 p.m.•34 views

CVE-2020-10382

An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an authenticated remote code execution in the backup-scheduler.

8.8CVSS8.8AI score0.02398EPSS

CVE•added 2020/04/14 5:15 p.m.•31 views

CVE-2020-10381

An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an unauthenticated SQL injection in DATA24, allowing attackers to discover database and table names.

5.3CVSS5.9AI score0.00435EPSS

CVE•added 2020/04/14 6:15 p.m.•31 views

CVE-2020-10384

An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. There is a local privilege escalation from the www-data account to the root account.

7.8CVSS7.7AI score0.00109EPSS

CVE•added 2020/04/14 5:15 p.m.•29 views

CVE-2020-10383

An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an unauthenticated remote code execution in the com_mb24sysapi module.

9.8CVSS9.8AI score0.02486EPSS