An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. An attacker can read arbitrary JSON files via Local File Inclusion.
References
Link | Resource |
---|---|
https://cert.vde.com/en/advisories/VDE-2021-003 | Third Party Advisory |
https://cert.vde.com/en/advisories/VDE-2022-039 | Third Party Advisory |
https://mbconnectline.com/security-advice/ | Vendor Advisory |
Configurations
History
16 Feb 2023, 04:00
Type | Values Removed | Values Added |
---|---|---|
First Time |
Helmholz
Helmholz myrex24 Helmholz myrex24.virtual |
|
CPE | cpe:2.3:a:helmholz:myrex24.virtual:*:*:*:*:*:*:*:* cpe:2.3:a:helmholz:myrex24:*:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://cert.vde.com/en/advisories/VDE-2021-003 - Third Party Advisory | |
References | (CONFIRM) https://cert.vde.com/en/advisories/VDE-2022-039 - Third Party Advisory |
14 Sep 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
Summary | An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. An attacker can read arbitrary JSON files via Local File Inclusion. | |
References |
|
|
19 Feb 2021, 20:47
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://cert.vde.com/de-de/advisories/vde-2021-003 - Third Party Advisory | |
References | (MISC) https://mbconnectline.com/security-advice/ - Vendor Advisory | |
CPE | cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*:* cpe:2.3:a:mbconnectline:mymbconnect24:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 5.3 |
CWE | CWE-706 |
16 Feb 2021, 16:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-02-16 16:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-35566
Mitre link : CVE-2020-35566
CVE.ORG link : CVE-2020-35566
JSON object : View
Products Affected
helmholz
- myrex24.virtual
- myrex24
mbconnectline
- mymbconnect24
- mbconnect24
CWE
CWE-706
Use of Incorrectly-Resolved Name or Reference