Description
An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation.
Published: 2024-10-15
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2024-41404 An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation.
History

Tue, 26 Aug 2025 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-116

Fri, 22 Aug 2025 07:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-20

Fri, 22 Aug 2025 07:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-94

Fri, 11 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00032}

 epss

{'score': 0.00036}

Fri, 22 Nov 2024 12:00:00 +0000

Type Values Removed Values Added
References

Mon, 21 Oct 2024 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Helmholz
Helmholz rex 100
Helmholz rex 100 Firmware
Mbconnectline
Mbconnectline mbnet.mini
Mbconnectline mbnet.mini Firmware
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:h:helmholz:rex_100:-:*:*:*:*:*:*:*
cpe:2.3:h:mbconnectline:mbnet.mini:-:*:*:*:*:*:*:*
cpe:2.3:o:helmholz:rex_100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mbconnectline:mbnet.mini_firmware:*:*:*:*:*:*:*:*
Vendors & Products Helmholz
Helmholz rex 100
Helmholz rex 100 Firmware
Mbconnectline
Mbconnectline mbnet.mini
Mbconnectline mbnet.mini Firmware

Tue, 15 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Mb Connect Line
Mb Connect Line mbnet.mini
Rex100
Rex100 helmholz
Weaknesses CWE-116
CPEs cpe:2.3:a:mb_connect_line:mbnet.mini:*:*:*:*:*:*:*:*
cpe:2.3:a:rex100:helmholz:*:*:*:*:*:*:*:*
Vendors & Products Mb Connect Line
Mb Connect Line mbnet.mini
Rex100
Rex100 helmholz
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 15 Oct 2024 10:45:00 +0000

Type Values Removed Values Added
Description An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation.
Title MB connect line/Helmholz: Remote code execution due to improper input validation
Weaknesses CWE-20
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Helmholz Rex 100 Rex 100 Firmware
Mb Connect Line Mbnet.mini
Mbconnectline Mbnet.mini Mbnet.mini Firmware
Rex100 Helmholz
cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published:

Updated: 2025-08-26T14:14:12.044Z

Reserved: 2024-08-26T09:19:01.266Z

Link: CVE-2024-45271

cve-icon Vulnrichment

Updated: 2024-10-16T17:49:30.446Z

cve-icon NVD

Status : Undergoing Analysis

Published: 2024-10-15T11:15:11.420

Modified: 2025-08-26T15:15:40.903

Link: CVE-2024-45271

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses