Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Information Exposure in mymbCONNECT24, mbCONNECT24 <= 2.8.0
Vulnerability Description
In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can enumerate valid users by checking what kind of response the server sends.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
通过差异性导致的信息暴露
Vulnerability Title
MB connect line 多款产品 信息泄露漏洞
Vulnerability Description
Mb Connect Line MB CONNECT LINE mbCONNECT24是德国MB CONNECT LINE(Mb Connect Line)公司的一套远程服务门户网站。该产品支持远程接入、数据记录和报警等功能。 MB connect line 多款产品存在信息泄露漏洞,该漏洞源于 2.8.0 版本及之前版本的 mymbCONNECT24、mbCONNECT24 中,未经身份验证的用户可以通过检查服务器发送的响应类型来枚举有效用户。
CVSS Information
N/A
Vulnerability Type
N/A