Primary

Context

MB Connect Line and Helmholz MyREX24 User Enumeration Vulnerability

Vulnerability

Patched

A vulnerability exists in MB Connect Line's mbCONNECT24 and mymbCONNECT24 products, as well as in Helmholz's myREX24 and myREX24.virtual offerings, all prior to specified versions. This vulnerability allows unauthenticated remote attackers to enumerate valid usernames through an unprotected endpoint.

Impact

Exploitation of this vulnerability allows for user enumeration, potentially leading to targeted attacks against valid user accounts.

Remediation

Users are advised to update to the latest version of the respective product: MB Connect Line users should update to version 2.18.0, while Helmholz users should also update to version 2.18.0.

Added: Jun 24, 2025, 9:18 AM

Updated: Jun 24, 2025, 9:18 AM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

0.6

exploitability

7.0

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

0.6

exploitability

7.0

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MB Connect Line and Helmholz MyREX24 User Enumeration Vulnerability

Vulnerability

Impact

Remediation

Affected Products

MB connect line mbCONNECT24

MB connect line mymbCONNECT24

Helmholz myREX24

Helmholz myREX24.virtual

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating