Skip to main content

Rex 100 Firmware

5 CVEs product

Monthly

CVE-2024-45276 HIGH This Week

An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mbnet Mini Firmware Rex 100 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-45275 CRITICAL Act Now

The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mbnet Mini Firmware Rex 100 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-45274 CRITICAL Act Now

An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mbnet Mini Firmware Rex 100 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2024-45273 HIGH This Week

An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Mbnet Mini Firmware Myrex24 V2 Virtual Server Rex 300 Firmware Rex 200 Firmware +11
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45271 HIGH This Week

An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection RCE Mbnet Mini Firmware Rex 100 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
EPSS 1% CVSS 7.5
HIGH This Week

An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mbnet Mini Firmware Rex 100 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mbnet Mini Firmware Rex 100 Firmware
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mbnet Mini Firmware Rex 100 Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Mbnet Mini Firmware Myrex24 V2 Virtual Server +13
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection RCE Mbnet Mini Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy