Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

mbCONNECT24 — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in mbCONNECT24, with AI-generated Chinese analysis, references, and POCs.

Vendor: MB Connect Line

CVE IDTitleCVSSSeverityPublished
CVE-2026-33617 MB connect line mbCONNECT24 vulnerable to an unauthenticated information disclosure in the data24 Endpoint CWE-497 5.3 Medium2026-04-02
CVE-2026-33616 MB connect line mbCONNECT24 vulnerable to an unauthenticated SQL injection in the mb24api Endpoint CWE-89 7.5 High2026-04-02
CVE-2026-33615 MB connect line mbCONNECT24 vulnerable to an unauthenticated SQL injection in the setinfo Endpoint CWE-89 9.1 Critical2026-04-02
CVE-2026-33614 MB connect line mbCONNECT24 vulnerable to an unauthenticated SQL injection in the getinfo endpoint CWE-89 7.5 High2026-04-02
CVE-2026-33613 MB connect line mbCONNECT24 vulnerable to RCE in generateSrpArray CWE-78 7.2 High2026-04-02
CVE-2025-3091 MB connect line: Authorization bypass in mbCONNECT24/mymbCONNECT24 CWE-639 7.5 High2025-06-24
CVE-2025-3090 MB connect line: Missing Authentication in mbCONNECT24/mymbCONNECT24 CWE-306 8.2 High2025-06-24
CVE-2024-23943 MB connect line: Cloud API access due to a lack of authentication for a critical function CWE-306 9.1 Critical2025-03-18
CVE-2024-23942 MB connect line: Configuration File on the client workstation is not encrypted CWE-312 7.1 High2025-03-18
CVE-2024-45272 MB connect line/Helmholz: Generation of weak passwords vulnerability CWE-1391 7.5 High2024-10-15
CVE-2023-4834 MB connect line mbCONNECT24和mymbCONNECT24 安全漏洞 CWE-269 4.3 Medium2023-10-16
CVE-2023-1779 Helmholz and MB Connect Line: Account takeover via password reset in multiple products CWE-863 4.3 Medium2023-06-06
CVE-2023-0985 Helmholz and MB Connect Line: Account takeover via password reset in multiple products CWE-639 8.8 High2023-06-06

All 13 known CVE vulnerabilities affecting mbCONNECT24 with full Chinese analysis, references, and POCs where available.