CVE-2024-45275

MB connect line/Helmholz: Hardcoded user accounts with hard-coded passwords

Description

The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.

INFO

Published Date :

2024-10-15T10:28:37.223Z

Last Modified :

2024-10-16T17:39:58.106Z

Source :

CERTVDE

AFFECTED PRODUCTS

The following products are affected by CVE-2024-45275 vulnerability.

Vendors	Products
Helmholz	Rex 100 Rex 100 Firmware
Mb Connect Line	Mbnet.mini
Mbconnectline	Mbnet.mini Mbnet.mini Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-45275.

URL	Resource
https://cert.vde.com/en/advisories/VDE-2024-056
https://cert.vde.com/en/advisories/VDE-2024-066
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-064.txt

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact