Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

MB Connect Line — Vulnerabilities & Security Advisories 38

Browse all 38 CVE security advisories affecting MB Connect Line. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by MB Connect Line:mbNET.minimbCONNECT24mymbCONNECT24mbDIALUPMB connect line mbCONNECT24mbNET HW1
CVE IDTitleCVSSSeverityPublished
CVE-2026-33617 MB connect line mbCONNECT24 vulnerable to an unauthenticated information disclosure in the data24 Endpoint — mbCONNECT24CWE-497 5.3 Medium2026-04-02
CVE-2026-33616 MB connect line mbCONNECT24 vulnerable to an unauthenticated SQL injection in the mb24api Endpoint — mbCONNECT24CWE-89 7.5 High2026-04-02
CVE-2026-33615 MB connect line mbCONNECT24 vulnerable to an unauthenticated SQL injection in the setinfo Endpoint — mbCONNECT24CWE-89 9.1 Critical2026-04-02
CVE-2026-33614 MB connect line mbCONNECT24 vulnerable to an unauthenticated SQL injection in the getinfo endpoint — mbCONNECT24CWE-89 7.5 High2026-04-02
CVE-2026-33613 MB connect line mbCONNECT24 vulnerable to RCE in generateSrpArray — mbCONNECT24CWE-78 7.2 High2026-04-02
CVE-2026-32969 Pre-Auth Blind SQLi in userinfo Endpoint — MB connect line mbCONNECT24CWE-89 7.5 High2026-03-23
CVE-2026-32968 Unauthenticated RCE in com_mb24sysapi — MB connect line mbCONNECT24CWE-78 9.8 Critical2026-03-23
CVE-2025-41688 High Privilege RCE via LUA Sandbox Escape — mbNET HW1CWE-653 7.2 High2025-07-31
CVE-2025-41681 Persistent Cross-Site Scripting via POST Requests Due to Improper Neutralization of Input — mbNET.miniCWE-79 4.8 Medium2025-07-21
CVE-2025-41679 Unauthenticated Buffer Overflow in Conftool Service Leading to Denial of Service — mbNET.miniCWE-787 5.3 Medium2025-07-21
CVE-2025-41678 SQL Injection via POST Requests Allowing Configuration Database Manipulation — mbNET.miniCWE-89 6.5 Medium2025-07-21
CVE-2025-41677 Resource Exhaustion via POST Requests to send-mail Action — mbNET.miniCWE-400 4.9 Medium2025-07-21
CVE-2025-41676 Resource Exhaustion via POST Requests to send-sms Action — mbNET.miniCWE-400 4.9 Medium2025-07-21
CVE-2025-41675 Remote Command Injection via GET in Cloud Server Communication Script Due to Improper Input Neutralization — mbNET.miniCWE-78 7.2 High2025-07-21
CVE-2025-41674 Remote Command Injection in diagnostic Action Due to Improper Input Neutralization — mbNET.miniCWE-78 7.2 High2025-07-21
CVE-2025-41673 Remote Command Injection in send_sms Action Due to Improper Input Neutralization — mbNET.miniCWE-78 7.2 High2025-07-21
CVE-2025-3091 MB connect line: Authorization bypass in mbCONNECT24/mymbCONNECT24 — mbCONNECT24CWE-639 7.5 High2025-06-24
CVE-2025-3090 MB connect line: Missing Authentication in mbCONNECT24/mymbCONNECT24 — mbCONNECT24CWE-306 8.2 High2025-06-24
CVE-2024-23943 MB connect line: Cloud API access due to a lack of authentication for a critical function — mbCONNECT24CWE-306 9.1 Critical2025-03-18
CVE-2024-23942 MB connect line: Configuration File on the client workstation is not encrypted — mbCONNECT24CWE-312 7.1 High2025-03-18
CVE-2024-45276 MB connect line/Helmholz: tmp directory exposed via webservice — mbNET.miniCWE-306 7.5 High2024-10-15
CVE-2024-45275 MB connect line/Helmholz: Hardcoded user accounts with hard-coded passwords — mbNET.miniCWE-798 9.8 Critical2024-10-15
CVE-2024-45274 MB connect line/Helmholz: Remote code execution via confnet service — mbNET.miniCWE-306 9.8 Critical2024-10-15
CVE-2024-45273 MB connect line/Helmholz: Weak encryption of configuration file — mbNET.miniCWE-261 8.4 High2024-10-15
CVE-2024-45272 MB connect line/Helmholz: Generation of weak passwords vulnerability — mbCONNECT24CWE-1391 7.5 High2024-10-15
CVE-2024-45271 MB connect line/Helmholz: Remote code execution due to improper input validation — mbNET.miniCWE-94 8.4 High2024-10-15
CVE-2023-1779 Helmholz and MB Connect Line: Account takeover via password reset in multiple products — mbCONNECT24CWE-863 4.3 Medium2023-06-06
CVE-2023-0985 Helmholz and MB Connect Line: Account takeover via password reset in multiple products — mbCONNECT24CWE-639 8.8 High2023-06-06
CVE-2022-22520 User enumeration vulnerability in MB connect line and Helmholz products — mymbCONNECT24CWE-204 5.3 Medium2022-09-14
CVE-2021-34580 Remote user enumeration in mymbCONNECT24, mbCONNECT24 <= 2.9.0 — mymbCONNECT24CWE-204 7.5 High2021-10-27

This page lists every published CVE security advisory associated with MB Connect Line. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.