ГлавнаяУязвимости → CVE-2024-45275
9.8критическая

CVE-2024-45275

Описание

The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.

Затрагиваемое ПО
Mbconnectline Mbnet.mini firmwareMbconnectline Mbnet.miniHelmholz Rex 100 firmwareHelmholz Rex 100
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://cert.vde.com/en/advisories/VDE-2024-056https://cert.vde.com/en/advisories/VDE-2024-066https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-064.txt