Mymbconnect24 CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-32968	3 Helmholz, Mb Connect Line, Mbconnectline	4 Myrex24.virtual, Myrex24 V2, Mb Connect Line Mbconnect24 and 1 more	2026-03-25	9.8 Critical
Due to the improper neutralisation of special elements used in an OS command, an unauthenticated remote attacker can exploit an RCE vulnerability in the com_mb24sysapi module, resulting in full system compromise. This vulnerability is a variant attack for CVE-2020-10383.
CVE-2024-45273	3 Helmholz, Mb Connect Line, Mbconnectline	35 Myrex24.virtual, Myrex24 V2, Myrex24 V2 Virtual Server and 32 more	2024-11-21	8.4 High
An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.

« first previous Page 3 of 3.