Product
mbconnectline mbconnect24
38 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-33617
CVE-2026-33616
CVE-2026-33615
CVE-2026-33614
CVE-2026-33613
CVE-2024-45273
CVE-2024-45272
CVE-2023-4834
CVE-2023-1779
CVE-2023-0985
CVE-2022-22520
CVE-2021-34580
CVE-2021-34575
CVE-2021-34574
CVE-2020-12530
CVE-2020-12529
CVE-2020-12528
CVE-2020-12527
CVE-2020-35570
CVE-2020-35569
CVE-2020-35568
CVE-2020-35567
CVE-2020-35566
CVE-2020-35565
CVE-2020-35564
CVE-2020-35563
CVE-2020-35561
CVE-2020-35560
CVE-2020-35559
CVE-2020-35558
CVE-2020-35557
CVE-2020-24568
CVE-2020-24570
CVE-2020-24569
CVE-2020-10384
CVE-2020-10383
CVE-2020-10382
CVE-2020-10381
<= 2.19.4
An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in a some loss
<= 2.19.4
An unauthenticated remote attacker can exploit an unauthenticated blind SQL Injection vulnerability in the mb24api endpoint due to
<= 2.19.4
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to impro
<= 2.19.4
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getinfo endpoint due to impro
<= 2.19.4
Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability i
< 2.16.3
An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementa
< 2.16.3
An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high ch
<= 2.14.2
In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improper
<= 2.13.3
Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmh
<= 2.13.3
An Authorization Bypass vulnerability was found in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.
<= 2.11.2
A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mym
<= 2.9.0
In mymbCONNECT24, mbCONNECT24 <= 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind of response
<= 2.8.0
In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can enumerate valid users by checking w
<= 2.11.2
In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 an authenti
<= 2.6.2
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. There is an XSS
<= 2.6.2
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2 There is a SSRF i
<= 2.6.2
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. Improper use of
<= 2.11.2
An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions thr
<= 2.11.2
An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. An
<= 2.6.2
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is a self XSS issue with a crafted c
<= 2.11.2
An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions thr
<= 2.6.2
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The software uses a secure password for da
<= 2.11.2
An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions thr
<= 2.6.2
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The login pages bruteforce detection is di
<= 2.6.2
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component
<= 2.6.2
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an incomplete XSS filter allowing
<= 2.11.2
An issue was discovered MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions throug
<= 2.6.2
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unauthenticated open redirect
<= 2.6.2
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unused function that allows an
<= 2.11.2
An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. The
<= 2.11.2
An issue in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 al
<= 2.6.1
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the lanc
<= 2.6.1
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a CSRF issue (with resultant SSRF
<= 2.6.1
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the knxi
<= 2.6.1
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. There is a lo
<= 2.5.0
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an u
<= 2.5.0
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an a
<= 2.5.0
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an u