An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication.
References
Link | Resource |
---|---|
https://cert.vde.com/en/advisories/VDE-2024-056 | Third Party Advisory |
https://cert.vde.com/en/advisories/VDE-2024-066 | Third Party Advisory |
Configurations
History
17 Oct 2024, 17:40
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CPE | cpe:2.3:h:helmholz:rex_100:-:*:*:*:*:*:*:* cpe:2.3:h:mbconnectline:mbnet.mini:-:*:*:*:*:*:*:* cpe:2.3:o:mbconnectline:mbnet.mini_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:helmholz:rex_100_firmware:*:*:*:*:*:*:*:* |
|
First Time |
Helmholz
Helmholz rex 100 Helmholz rex 100 Firmware Mbconnectline mbnet.mini Firmware Mbconnectline mbnet.mini Mbconnectline |
|
References | () https://cert.vde.com/en/advisories/VDE-2024-056 - Third Party Advisory | |
References | () https://cert.vde.com/en/advisories/VDE-2024-066 - Third Party Advisory |
15 Oct 2024, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-15 11:15
Updated : 2024-10-17 17:40
NVD link : CVE-2024-45274
Mitre link : CVE-2024-45274
CVE.ORG link : CVE-2024-45274
JSON object : View
Products Affected
helmholz
- rex_100
- rex_100_firmware
mbconnectline
- mbnet.mini
- mbnet.mini_firmware
CWE
CWE-306
Missing Authentication for Critical Function