9.8
CVE-2024-45274
- EPSS 3.6%
- Veröffentlicht 15.10.2024 11:15:12
- Zuletzt bearbeitet 03.11.2025 20:16:30
- Quelle info@cert.vde.com
- CVE-Watchlists
- Unerledigt
LoginMB connect line/Helmholz: Remote code execution via confnet service
An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mbconnectline ≫ Mbnet.Mini Firmware Version < 2.3.1
Helmholz ≫ Rex 100 Firmware Version < 2.3.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.6% | 0.876 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| info@cert.vde.com | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.