EUVD-2026-32151
GHSA-4334-w3q6-m8g5
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A highly authenticated attacker can alter the config generator injecting a payload into future created configurations. The device is not correctly checking this configuration value before passing it to an system execute leading to code execution. This can result in a total loss of confidentiality, integrity and availability.
AnalysisAI
OS command injection in MB connect line / Helmholz mbNET and REX industrial remote-maintenance routers (mbNET.mini up to 3.0.2, REX200/250 and mbNET/mbNET.rokey up to 8.4.4, REX100 up to 3.0.2) lets a high-privilege authenticated user poison the device's configuration generator so that a tainted value is later passed unsanitized to a system execute call, producing arbitrary command execution with total loss of confidentiality, integrity and availability. The flaw was reported through CERT@VDE (advisory VDE-2026-054) and tracked as EUVD-2026-32151. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
24 hours: Inventory all Helmholz mbNET.mini (≤3.0.2), REX100/200/250 (≤8.4.4), and mbNET.rokey (≤8.4.4) devices; restrict administrative access to essential personnel only. 7 days: Isolate affected routers from untrusted networks; disable configuration generator functionality if operationally feasible; implement network segmentation and enhanced logging. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today