Описание
An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost.
Затрагиваемое ПО
Helmholz Myrex24 v2 virtual serverHelmholz Rex 300 firmwareHelmholz Rex 300Helmholz Rex 200 firmwareHelmholz Rex 200Helmholz Rex 250 firmwareHelmholz Rex 250Mbconnectline Mbconnect24Mbconnectline Mymbconnect24Mbconnectline Mbspider mdh 905 firmwareMbconnectline Mbspider mdh 905Mbconnectline Mbspider mdh 915 firmwareMbconnectline Mbspider mdh 915Mbconnectline Mbspider mdh 906 firmwareMbconnectline Mbspider mdh 906Mbconnectline Mbspider mdh 916 firmwareMbconnectline Mbspider mdh 916Mbconnectline Mbnet hw1 firmwareMbconnectline Mbnet hw1Mbconnectline Mbnet firmwareMbconnectline MbnetMbconnectline Mbnet.rokey firmwareMbconnectline Mbnet.rokey
CVSS
| Балл | 7.5 — высокая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Источники
https://cert.vde.com/en/advisories/VDE-2024-068https://cert.vde.com/en/advisories/VDE-2024-069https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-061.txt