Vulnerabilities > CVE-2020-10383 - Unspecified vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

mbconnectline

critical

NVD

Published: 2020-04-14

Updated: 2022-11-21

Summary

An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an unauthenticated remote code execution in the com_mb24sysapi module.

Vulnerable Configurations

Part	Description	Count
Application	Mbconnectline Mbconnectline Mymbconnect24 - Mbconnectline Mymbconnect24 2.5.0 Mbconnectline Mbconnect24 - Mbconnectline Mbconnect24 2.5.0	4

References

https://mbconnectline.com/security-advice/