Vulnerabilities > CVE-2021-33527 - Unspecified vulnerability in Mbconnectline Mbdialup 3.9R0.0

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mbconnectline

NVD

Published: 2021-08-02

Updated: 2024-11-21

Summary

In MB connect line mbDIALUP versions <= 3.9R0.0 a remote attacker can send a specifically crafted HTTP request to the service running with NT AUTHORITY\SYSTEM that will not correctly validate the input. This can lead to an arbitrary code execution with the privileges of the service.

Vulnerable Configurations

Part	Description	Count
Application	Mbconnectline Mbconnectline Mbdialup - Mbconnectline Mbdialup 3.9R0.0	2

References

https://cert.vde.com/de-de/advisories/vde-2021-017
https://cert.vde.com/de-de/advisories/vde-2021-017