Skip to main content

Mbconnect24 CVE-2026-33617

| EUVDEUVD-2026-18180 MEDIUM
Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497)
2026-04-02 CERTVDE GHSA-x585-wrhm-2vx3
5.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Apr 02, 2026 - 09:30 euvd
EUVD-2026-18180
Analysis Generated
Apr 02, 2026 - 09:30 vuln.today
CVE Published
Apr 02, 2026 - 09:00 nvd
MEDIUM 5.3

DescriptionCVE.org

An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in a some loss of confidentiality, but there is no endpoint exposed to use these credentials.

AnalysisAI

Unauthenticated remote attackers can access configuration files containing database credentials in MB Connect Line mbconnect24 and mymbconnect24 products, resulting in disclosure of sensitive authentication material. Although CVSS rates this as 5.3 (low severity confidentiality impact), the practical risk is limited because the disclosed credentials cannot be directly exploited to compromise additional systems-no exposed endpoint exists to leverage them. No public exploit code or active exploitation has been identified at the time of analysis.

Technical ContextAI

This vulnerability exploits improper access controls on configuration files, classified under CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere). The affected products-MB Connect Line's mbconnect24 and mymbconnect24 platforms-store database credentials in configuration files that are accessible via unauthenticated network requests without proper authentication or authorization checks. The root cause is a failure to restrict file access or to separate sensitive credentials from accessible configuration, allowing remote attackers to retrieve plaintext or weakly protected database connection strings.

RemediationAI

Organizations using mbconnect24 or mymbconnect24 should immediately apply vendor-released patches as documented in the MB Connect Line security advisory (VDE-2026-030). The primary fix is to upgrade to patched versions as specified by the vendor. Additionally, implement network-level access controls to restrict access to configuration files and sensitive endpoints, employ proper authentication and authorization checks on all file access endpoints, consider relocating database credentials to secure credential management systems (vaults or environment variables), and conduct an audit to determine whether any database credentials were exposed and require rotation. Refer to https://certvde.com/de/advisories/VDE-2026-030 for the exact patched version numbers and deployment guidance.

CVE-2020-10383 CRITICAL
9.8 Apr 14

An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. Rat

CVE-2026-33615 CRITICAL
9.1 Apr 02

SQL injection in MB Connect Line's mbCONNECT24 and mymbCONNECT24 platforms allows unauthenticated remote attackers to ex

CVE-2023-0985 HIGH
8.8 Jun 06

An Authorization Bypass vulnerability was found in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and

CVE-2020-10382 HIGH
8.8 Apr 14

An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. Rat

CVE-2026-10521 HIGH
8.6 Jun 23

Privileged remote modification of critical program parameters in MB connect line mbCONNECT24 and mymbCONNECT24 allows au

CVE-2024-45273 HIGH
7.8 Oct 15

An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak

CVE-2020-10384 HIGH
7.8 Apr 14

An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. Rat

CVE-2026-33616 HIGH
7.5 Apr 02

Blind SQL injection in MB Connect Line mbCONNECT24 and mymbCONNECT24 allows unauthenticated remote attackers to extract

CVE-2026-33614 HIGH
7.5 Apr 02

SQL injection in MB Connect Line's mbCONNECT24 and mymbCONNECT24 products allows unauthenticated remote attackers to ext

CVE-2024-45272 HIGH
7.5 Oct 15

An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with

CVE-2021-34580 HIGH
7.5 Oct 27

In mymbCONNECT24, mbCONNECT24 <= 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind o

CVE-2021-34575 HIGH
7.5 Aug 02

In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can enumerate valid users by

Share

CVE-2026-33617 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy