Skip to main content

Mbconnect24 CVE-2026-33616

| EUVDEUVD-2026-18178 HIGH
SQL Injection (CWE-89)
2026-04-02 CERTVDE GHSA-4cxq-66m5-gvgm
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
Re-analysis Queued
Apr 16, 2026 - 15:52 vuln.today
cvss_changed
EUVD ID Assigned
Apr 02, 2026 - 09:30 euvd
EUVD-2026-18178
Analysis Generated
Apr 02, 2026 - 09:30 vuln.today
CVE Published
Apr 02, 2026 - 08:59 nvd
HIGH 7.5

DescriptionCVE.org

An unauthenticated remote attacker can exploit an unauthenticated blind SQL Injection vulnerability in the mb24api endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

AnalysisAI

Blind SQL injection in MB Connect Line mbCONNECT24 and mymbCONNECT24 allows unauthenticated remote attackers to extract sensitive database contents via the mb24api endpoint. The vulnerability enables complete confidentiality breach through crafted SQL SELECT commands with CVSS 7.5 (High). EPSS data not available; no public exploit identified at time of analysis. Vendor advisory published by CERT@VDE with remediation guidance.

Technical ContextAI

This vulnerability affects the MB Connect Line mbCONNECT24 and mymbCONNECT24 industrial IoT remote access platforms, which enable secure connectivity to industrial equipment and machines. The flaw resides in the mb24api endpoint, a component likely used for API communications or mobile device integration. The vulnerability is classified as CWE-89 (SQL Injection), specifically a blind SQL injection variant where attackers cannot directly see query results but can infer data through timing, boolean logic, or error-based techniques. The application fails to properly sanitize or parameterize user-supplied input before incorporating it into SQL SELECT statements, allowing attackers to manipulate query logic. Given the industrial IoT context, the affected database likely contains sensitive operational data, device credentials, authentication tokens, customer information, or configuration details for connected industrial systems.

RemediationAI

Organizations should immediately consult the vendor security advisory published by CERT@VDE at https://certvde.com/de/advisories/VDE-2026-030 and the machine-readable CSAF document at https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-030.json for specific patching instructions and fixed versions. Patch availability and exact remediation versions are not independently confirmed from available data; customers must reference the official MB Connect Line advisory for update procedures. As an immediate compensating control, restrict network access to the mb24api endpoint using firewall rules, IP allowlisting, or VPN requirements to limit exposure to trusted sources only. Implement web application firewall (WAF) rules to detect and block SQL injection attempts targeting the endpoint. Monitor database and application logs for suspicious SQL query patterns, unusual data access volumes, or attempts to manipulate SELECT statement logic. Given the industrial IoT context, coordinate remediation with operational technology teams to minimize production disruption during patching windows.

CVE-2020-10383 CRITICAL
9.8 Apr 14

An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. Rat

CVE-2026-33615 CRITICAL
9.1 Apr 02

SQL injection in MB Connect Line's mbCONNECT24 and mymbCONNECT24 platforms allows unauthenticated remote attackers to ex

CVE-2023-0985 HIGH
8.8 Jun 06

An Authorization Bypass vulnerability was found in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and

CVE-2020-10382 HIGH
8.8 Apr 14

An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. Rat

CVE-2026-10521 HIGH
8.6 Jun 23

Privileged remote modification of critical program parameters in MB connect line mbCONNECT24 and mymbCONNECT24 allows au

CVE-2024-45273 HIGH
7.8 Oct 15

An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak

CVE-2020-10384 HIGH
7.8 Apr 14

An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. Rat

CVE-2026-33614 HIGH
7.5 Apr 02

SQL injection in MB Connect Line's mbCONNECT24 and mymbCONNECT24 products allows unauthenticated remote attackers to ext

CVE-2024-45272 HIGH
7.5 Oct 15

An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with

CVE-2021-34580 HIGH
7.5 Oct 27

In mymbCONNECT24, mbCONNECT24 <= 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind o

CVE-2021-34575 HIGH
7.5 Aug 02

In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can enumerate valid users by

CVE-2026-33613 HIGH
7.2 Apr 02

Remote code execution in MB Connect Line mbCONNECT24 and mymbCONNECT24 allows high-privileged authenticated attackers to

Share

CVE-2026-33616 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy