Mbconnectline Mymbconnect24 — known CVE vulnerabilities
Every CVE whose affected-product data names Mbconnectline Mymbconnect24, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (38)
CVE-2020-10383 — CVSS 9.8 (critical): An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an…
CVE-2020-35565 — CVSS 9.8 (critical): An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The login pages bruteforce detection is disabled by…
CVE-2026-33615 — CVSS 9.1 (critical): An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper…
CVE-2023-0985 — CVSS 8.8 (high): An Authorization Bypass vulnerability was found in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.virtual…
CVE-2020-10382 — CVSS 8.8 (high): An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an…
CVE-2024-45273 — CVSS 8.4 (high): An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of…
CVE-2020-10384 — CVSS 7.8 (high): An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. There is a local…
CVE-2020-35567 — CVSS 7.8 (high): An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The software uses a secure password for database…
CVE-2020-35558 — CVSS 7.5 (high): An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. There is an…
CVE-2021-34580 — CVSS 7.5 (high): In mymbCONNECT24, mbCONNECT24 <= 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind of response the…
CVE-2024-45272 — CVSS 7.5 (high): An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of…
CVE-2026-33616 — CVSS 7.5 (high): An unauthenticated remote attacker can exploit an unauthenticated blind SQL Injection vulnerability in the mb24api endpoint due to improper…
CVE-2021-34575 — CVSS 7.5 (high): In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can enumerate valid users by checking what kind…
CVE-2026-33614 — CVSS 7.5 (high): An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getinfo endpoint due to improper…
CVE-2020-35564 — CVSS 7.5 (high): An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing…
CVE-2026-33613 — CVSS 7.2 (high): Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the…
CVE-2020-35557 — CVSS 6.5 (medium): An issue in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 allows a…
CVE-2020-12527 — CVSS 6.5 (medium): An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through…
CVE-2020-24570 — CVSS 6.5 (medium): An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a CSRF issue (with resultant SSRF) in the…
CVE-2020-24568 — CVSS 6.5 (medium): An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the lancompenent…
CVE-2020-12528 — CVSS 6.5 (medium): An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. Improper use of access…
CVE-2020-35560 — CVSS 6.1 (medium): An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unauthenticated open redirect in the…
CVE-2020-35569 — CVSS 6.1 (medium): An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is a self XSS issue with a crafted cookie in…
CVE-2020-12529 — CVSS 5.8 (medium): An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2 There is a SSRF in the…
CVE-2020-35563 — CVSS 5.4 (medium): An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an incomplete XSS filter allowing an…
CVE-2026-33617 — CVSS 5.3 (medium): An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in a some loss of…
CVE-2020-35561 — CVSS 5.3 (medium): An issue was discovered MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through…
CVE-2020-35566 — CVSS 5.3 (medium): An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through…
CVE-2020-35570 — CVSS 5.3 (medium): An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. An…
CVE-2022-22520 — CVSS 5.3 (medium): A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line…
CVE-2020-10381 — CVSS 5.3 (medium): An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an…
CVE-2023-1779 — CVSS 4.3 (medium): Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz'…
CVE-2021-34574 — CVSS 4.3 (medium): In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 an authenticated…
CVE-2020-35568 — CVSS 4.3 (medium): An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through…
CVE-2020-35559 — CVSS 4.3 (medium): An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unused function that allows an…
CVE-2020-24569 — CVSS 4.3 (medium): An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the knximport…
CVE-2020-12530 — CVSS 4.3 (medium): An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. There is an XSS issue in…
CVE-2023-4834 — CVSS 4.3 (medium): In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly…