CVE-2026-40842— Authenticated SQLi in getWidgetTags function
Possible ATT&CK Techniques 1AI
T1190 · Exploit Public-Facing ApplicationGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-40842
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authenticated SQLi in getWidgetTags function
Source: NVD (National Vulnerability Database)
Vulnerability Description
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getWidgetTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| MB connect line | mbCONNECT24 | 0.0.0 ~ 2.20.0 | - | |
| MB connect line | mymbCONNECT24 | 0.0.0 ~ 2.20.0 | - | |
| MB connect line | mbCONNECT24 | 2.20.0 | - | |
| MB connect line | mymbCONNECT24 | 2.20.0 | - | |
| Helmholz | myREX24V2 | 0.0.0 ~ 2.20.0 | - | |
| Helmholz | myREX24V2.virtual | 0.0.0 ~ 2.20.0 | - | |
| Helmholz | myREX24V2 | 2.20.0 | - | |
| Helmholz | myREX24V2.virtual | 2.20.0 | - |
II. Public POCs for CVE-2026-40842
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-40842
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-40842 (1)
Same Patch Batch · MB connect line · 2026-05-27 · 42 CVEs total
| CVE-2026-40851 | 8.4 HIGH | Command injection via USB |
| CVE-2026-40810 | 7.5 HIGH | Unauthenticated SQLi in userinfo Endpoint |
| CVE-2026-40850 | 7.5 HIGH | Unauthenticated SQLi in getAccountData function |
| CVE-2026-40816 | 7.5 HIGH | Unauthenticated SQLi in _mb24confi_getTagAlarm function |
| CVE-2026-40812 | 7.5 HIGH | Unauthenticated SQLi in getLiveValues function |
| CVE-2026-40811 | 7.5 HIGH | Unauthenticated SQLi in ssoabstractservice |
| CVE-2026-40813 | 7.5 HIGH | Unauthenticated SQLi in getLiveValues |
| CVE-2026-40818 | 7.5 HIGH | Unauthenticated SQLi in _mb24confi_getDevice function function |
| CVE-2026-40814 | 7.5 HIGH | Unauthenticated SQLi in _mb24confi_getTagAlarm function |
| CVE-2026-40817 | 7.5 HIGH | Unauthenticated SQLi in getAlarmProfiles function |
| CVE-2026-40819 | 7.5 HIGH | Unauthenticated SQLi in sync_data24 task |
| CVE-2026-40815 | 7.5 HIGH | Unauthenticated SQLi in _mb24api_getUserAccount function |
| CVE-2026-40852 | 7.2 HIGH | Command injection via malicious configuration |
| CVE-2026-40833 | 7.1 HIGH | Authenticated SQLi in saveDashboardLayout function |
| CVE-2026-40836 | 7.1 HIGH | Authenticated SQLi in inmessage model |
| CVE-2026-40834 | 7.1 HIGH | Authenticated SQLi in saveDashboardLayout function |
| CVE-2026-40849 | 6.5 MEDIUM | Authenticated SQLi in user_alarmprofile view |
| CVE-2026-40832 | 6.5 MEDIUM | Authenticated SQLi in getDevicegroups function |
| CVE-2026-40839 | 6.5 MEDIUM | Authenticated SQLi in getComponentScalings function |
| CVE-2026-40841 | 6.5 MEDIUM | Authenticated SQLi in getProjectTags function |
Showing top 20 of 42 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same weakness: CWE-89
- CVE-2026-44521
elFinder: SQL Injection MySQL Volume Driver (elFinderVolumeM - CVE-2026-49046
WordPress Duplicate Page and Post plugin <= 2.9.5 - SQL Inje - CVE-2026-9617
PostgreSQL Anonymizer: malicious column name allows SQL inje - CVE-2026-42755
WordPress TableOn plugin <= 1.0.5.1 - SQL Injection vulnerab - CVE-2026-42761
WordPress Active Products Tables for WooCommerce plugin <= 1
V. Comments for CVE-2026-40842
No comments yet