The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.
References
Link | Resource |
---|---|
https://cert.vde.com/en/advisories/VDE-2024-056 | Third Party Advisory |
https://cert.vde.com/en/advisories/VDE-2024-066 | Third Party Advisory |
Configurations
History
17 Oct 2024, 17:39
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mbconnectline
Mbconnectline mbnet.mini Firmware Helmholz Helmholz rex 100 Helmholz rex 100 Firmware Mbconnectline mbnet.mini |
|
References | () https://cert.vde.com/en/advisories/VDE-2024-056 - Third Party Advisory | |
References | () https://cert.vde.com/en/advisories/VDE-2024-066 - Third Party Advisory | |
CPE | cpe:2.3:o:mbconnectline:mbnet.mini_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:helmholz:rex_100_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mbconnectline:mbnet.mini:-:*:*:*:*:*:*:* cpe:2.3:h:helmholz:rex_100:-:*:*:*:*:*:*:* |
15 Oct 2024, 12:57
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
15 Oct 2024, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-15 11:15
Updated : 2024-10-17 17:39
NVD link : CVE-2024-45275
Mitre link : CVE-2024-45275
CVE.ORG link : CVE-2024-45275
JSON object : View
Products Affected
helmholz
- rex_100_firmware
- rex_100
mbconnectline
- mbnet.mini
- mbnet.mini_firmware
CWE
CWE-798
Use of Hard-coded Credentials