mbNET.mini — Vulnerabilities & Security Advisories 14

All 14 CVE vulnerabilities found in mbNET.mini, with AI-generated Chinese analysis, references, and POCs.

Vendor: Red Lion Europe

CVE ID	Title	CVSS	Severity	Paused
CVE-2025-41681	Persistent Cross-Site Scripting via POST Requests Due to Improper Neutralization of Input CWE-79	4.8	Medium	2025-07-21
CVE-2025-41679	Unauthenticated Buffer Overflow in Conftool Service Leading to Denial of Service CWE-787	5.3	Medium	2025-07-21
CVE-2025-41678	SQL Injection via POST Requests Allowing Configuration Database Manipulation CWE-89	6.5	Medium	2025-07-21
CVE-2025-41677	Resource Exhaustion via POST Requests to send-mail Action CWE-400	4.9	Medium	2025-07-21
CVE-2025-41676	Resource Exhaustion via POST Requests to send-sms Action CWE-400	4.9	Medium	2025-07-21
CVE-2025-41675	Remote Command Injection via GET in Cloud Server Communication Script Due to Improper Input Neutralization CWE-78	7.2	High	2025-07-21
CVE-2025-41674	Remote Command Injection in diagnostic Action Due to Improper Input Neutralization CWE-78	7.2	High	2025-07-21
CVE-2025-41673	Remote Command Injection in send_sms Action Due to Improper Input Neutralization CWE-78	7.2	High	2025-07-21
CVE-2024-45276	MB connect line/Helmholz: tmp directory exposed via webservice CWE-306	7.5	High	2024-10-15
CVE-2024-45275	MB connect line/Helmholz: Hardcoded user accounts with hard-coded passwords CWE-798	9.8	Critical	2024-10-15
CVE-2024-45274	MB connect line/Helmholz: Remote code execution via confnet service CWE-306	9.8	Critical	2024-10-15
CVE-2024-45273	MB connect line/Helmholz: Weak encryption of configuration file CWE-261	8.4	High	2024-10-15
CVE-2024-45271	MB connect line/Helmholz: Remote code execution due to improper input validation CWE-94	8.4	High	2024-10-15
CVE-2024-5672	Red Lion Europe: mbNET.mini vulnerable to OS command injection CWE-78	7.2	High	2024-07-03

All 14 known CVE vulnerabilities affecting mbNET.mini with full Chinese analysis, references, and POCs where available.