Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45273 | 2 Helmholz, Mbconnectline | 27 Myrex24 V2 Virtual Server, Rex 100, Rex 100 Firmware and 24 more | 2024-11-21 | N/A | 8.4 HIGH |
|
An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.
|
|||||
| CVE-2024-45272 | 2 Helmholz, Mbconnectline | 23 Myrex24 V2 Virtual Server, Rex 200, Rex 200 Firmware and 20 more | 2024-11-21 | N/A | 7.5 HIGH |
|
An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost.
|
|||||
| CVE-2023-34412 | 2 Helmholz, Redlion | 34 Rex 200, Rex 200 Firmware, Rex 250 and 31 more | 2024-11-21 | N/A | 4.8 MEDIUM |
|
A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an
authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS).
|
|||||