MB connect line mbCONNECT24 vulnerable to an unauthenticated information disclosure in the data24 Endpoint

Description

An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in a some loss of confidentiality, but there is no endpoint exposed to use these credentials.

Affected Products

Vendor	Product	Versions
mb connect line	mbconnect24	0.0.0, 0.0.0

References

https://certvde.com/de/advisories/VDE-2026-030(vendor-advisory)
https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-030.json(vendor-advisory)

Related News (1 articles)

Tier C

VulDB3d ago

CVE-2026-33617 | MB connect line mbCONNECT24/mymbCONNECT24 up to 2.19.4 Configuration File exposure of sensitive system information to an unauthorized control sphere (VDE-2026-030)

→ No new info (linked only)

MB connect line mbCONNECT24 vulnerable to an unauthenticated information disclosure in the data24 Endpoint

Description

Affected Products

References

Related News (1 articles)

Community Vote

Related CVEs (4)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History