MB connect line mbCONNECT24
Moderate fix1 remedy
cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*
Moderate fix1 remedy
- <= 2.20.0
- 2.20.0
MB Connect Line mbCONNECT24 and mymbCONNECT24 Unauthenticated SQL Injection Vulnerability
Vulnerability
Patched
A vulnerability allowing unauthenticated remote SQL injection has been identified in MB Connect Line's mbCONNECT24 and mymbCONNECT24 applications, specifically in the mb24alarm.php file's _mb24confi_getTagAlarm function. This vulnerability arises from inadequate sanitization of special elements in a SQL SELECT command, potentially leading to a complete loss of confidentiality.
Impact
Exploitation of this vulnerability allows for SQL injection, which could be used to manipulate database queries and access or modify database information.
Remediation
Users are advised to update their mbCONNECT24 or mymbCONNECT24 instance to version 2.20.1.
Added: May 27, 2026, 8:31 AM
Updated: May 27, 2026, 8:31 AM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
2.5exploitability
4.7remediation
7.7relevance
9.7threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.