CVE-2024-45275

The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:mbconnectline:mbnet.mini_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mbconnectline:mbnet.mini:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:helmholz:rex_100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:helmholz:rex_100:-:*:*:*:*:*:*:*

History

17 Oct 2024, 17:39

Type Values Removed Values Added
First Time Mbconnectline
Mbconnectline mbnet.mini Firmware
Helmholz
Helmholz rex 100
Helmholz rex 100 Firmware
Mbconnectline mbnet.mini
References () https://cert.vde.com/en/advisories/VDE-2024-056 - () https://cert.vde.com/en/advisories/VDE-2024-056 - Third Party Advisory
References () https://cert.vde.com/en/advisories/VDE-2024-066 - () https://cert.vde.com/en/advisories/VDE-2024-066 - Third Party Advisory
CPE cpe:2.3:o:mbconnectline:mbnet.mini_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:helmholz:rex_100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mbconnectline:mbnet.mini:-:*:*:*:*:*:*:*
cpe:2.3:h:helmholz:rex_100:-:*:*:*:*:*:*:*

15 Oct 2024, 12:57

Type Values Removed Values Added
Summary
  • (es) Los dispositivos contienen dos cuentas de usuario codificadas con contraseñas codificadas que permiten a un atacante remoto no autenticado tener control total de los dispositivos afectados.

15 Oct 2024, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-15 11:15

Updated : 2024-10-17 17:39


NVD link : CVE-2024-45275

Mitre link : CVE-2024-45275

CVE.ORG link : CVE-2024-45275


JSON object : View

Products Affected

helmholz

  • rex_100_firmware
  • rex_100

mbconnectline

  • mbnet.mini
  • mbnet.mini_firmware
CWE
CWE-798

Use of Hard-coded Credentials