Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-41679 (GCVE-0-2025-41679)
Vulnerability from cvelistv5 – Published: 2025-07-21 09:31 – Updated: 2025-11-03 19:59
VLAI?
EPSS
Title
Unauthenticated Buffer Overflow in Conftool Service Leading to Denial of Service
Summary
An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.
Severity ?
5.3 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| MB connect line | mbNET.mini |
Affected:
0.0.0 , < 2.3.3
(semver)
|
|
| Helmholz | REX 100 |
Affected:
0.0.0 , < 2.3.3
(semver)
|
Credits
F. Bruckmoser, M. Eder, J. Heigl, M. Heudorn, G. Hofmarcher, M. Kadlec, M. Pristauz-Telsnigg, S. Resch, P. Schweinzer, M. Gschiel from St. Poelten UAS
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-21T12:30:59.892256Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T12:31:24.437Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:59:05.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jul/38"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "mbNET.mini",
"vendor": "MB connect line",
"versions": [
{
"lessThan": "2.3.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "REX 100",
"vendor": "Helmholz",
"versions": [
{
"lessThan": "2.3.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "F. Bruckmoser, M. Eder, J. Heigl, M. Heudorn, G. Hofmarcher, M. Kadlec, M. Pristauz-Telsnigg, S. Resch, P. Schweinzer, M. Gschiel from St. Poelten UAS"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T09:31:04.713Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-058"
}
],
"source": {
"advisory": "VDE-2025-058, VDE-2025-059",
"defect": [
"CERT@VDE#641816",
"CERT@VDE#641817"
],
"discovery": "UNKNOWN"
},
"title": "Unauthenticated Buffer Overflow in Conftool Service Leading to Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41679",
"datePublished": "2025-07-21T09:31:04.713Z",
"dateReserved": "2025-04-16T11:17:48.308Z",
"dateUpdated": "2025-11-03T19:59:05.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-41679",
"date": "2026-05-20",
"epss": "0.00535",
"percentile": "0.67639"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-41679\",\"sourceIdentifier\":\"info@cert.vde.com\",\"published\":\"2025-07-21T10:15:25.133\",\"lastModified\":\"2025-11-06T16:44:44.590\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.\"},{\"lang\":\"es\",\"value\":\"Un atacante remoto no autenticado podr\u00eda explotar una vulnerabilidad de desbordamiento de b\u00fafer en el dispositivo, provocando una denegaci\u00f3n de servicio que afecte \u00fanicamente al servicio del asistente de inicializaci\u00f3n de red (Conftool).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mbconnectline:mbnet.mini_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.3.3\",\"matchCriteriaId\":\"73596D99-CA79-4FF6-AEF1-62C751C7FD23\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mbconnectline:mbnet.mini:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1D1B769-DA91-4F0C-AD34-D735B7A8B8FF\"}]}]}],\"references\":[{\"url\":\"https://certvde.com/de/advisories/VDE-2025-058\",\"source\":\"info@cert.vde.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2025/Jul/38\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-41679\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-21T12:30:59.892256Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-21T12:31:03.385Z\"}}], \"cna\": {\"title\": \"Unauthenticated Buffer Overflow in Conftool Service Leading to Denial of Service\", \"source\": {\"defect\": [\"CERT@VDE#641816\", \"CERT@VDE#641817\"], \"advisory\": \"VDE-2025-058, VDE-2025-059\", \"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"F. Bruckmoser, M. Eder, J. Heigl, M. Heudorn, G. Hofmarcher, M. Kadlec, M. Pristauz-Telsnigg, S. Resch, P. Schweinzer, M. Gschiel from St. Poelten UAS\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"MB connect line\", \"product\": \"mbNET.mini\", \"versions\": [{\"status\": \"affected\", \"version\": \"0.0.0\", \"lessThan\": \"2.3.3\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Helmholz\", \"product\": \"REX 100\", \"versions\": [{\"status\": \"affected\", \"version\": \"0.0.0\", \"lessThan\": \"2.3.3\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://certvde.com/de/advisories/VDE-2025-058\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"shortName\": \"CERTVDE\", \"dateUpdated\": \"2025-07-21T09:31:04.713Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-41679\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-21T12:31:24.437Z\", \"dateReserved\": \"2025-04-16T11:17:48.308Z\", \"assignerOrgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"datePublished\": \"2025-07-21T09:31:04.713Z\", \"assignerShortName\": \"CERTVDE\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
GHSA-9C9X-54G4-9PFX
Vulnerability from github – Published: 2025-07-21 12:30 – Updated: 2025-11-03 21:34
VLAI?
Details
An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.
Severity ?
5.3 (Medium)
{
"affected": [],
"aliases": [
"CVE-2025-41679"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-21T10:15:25Z",
"severity": "MODERATE"
},
"details": "An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.",
"id": "GHSA-9c9x-54g4-9pfx",
"modified": "2025-11-03T21:34:09Z",
"published": "2025-07-21T12:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41679"
},
{
"type": "WEB",
"url": "https://certvde.com/de/advisories/VDE-2025-058"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Jul/38"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
CNVD-2025-21147
Vulnerability from cnvd - Published: 2025-09-11
VLAI Severity ?
Title
MB CONNECT LINE mbNET.mini缓冲区溢出漏洞
Description
MB CONNECT LINE的mbNET.mini是一款专为工业场景设计的工业路由器,主要用于实现机器和系统的安全远程连接。
MB CONNECT LINE mbNET.mini存在缓冲区溢出漏,该漏洞源于应用在处理不受信任的输入时出现边界错误,攻击者可利用该漏洞导致拒绝服务。
Severity
中
Patch Name
MB CONNECT LINE mbNET.mini缓冲区溢出漏洞的补丁
Patch Description
MB CONNECT LINE的mbNET.mini是一款专为工业场景设计的工业路由器,主要用于实现机器和系统的安全远程连接。
MB CONNECT LINE mbNET.mini存在缓冲区溢出漏,该漏洞源于应用在处理不受信任的输入时出现边界错误,攻击者可利用该漏洞导致拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级程序修复该安全问题,详情见厂商官网: https://mbconnectline.com/download-portal/
Reference
https://certvde.com/de/advisories/VDE-2025-058
Impacted products
| Name | MB CONNECT LINE mbNET.mini <2.3.3 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2025-41679",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-41679"
}
},
"description": "MB CONNECT LINE\u7684mbNET.mini\u662f\u4e00\u6b3e\u4e13\u4e3a\u5de5\u4e1a\u573a\u666f\u8bbe\u8ba1\u7684\u5de5\u4e1a\u8def\u7531\u5668\uff0c\u4e3b\u8981\u7528\u4e8e\u5b9e\u73b0\u673a\u5668\u548c\u7cfb\u7edf\u7684\u5b89\u5168\u8fdc\u7a0b\u8fde\u63a5\u3002\n\nMB CONNECT LINE mbNET.mini\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5e94\u7528\u5728\u5904\u7406\u4e0d\u53d7\u4fe1\u4efb\u7684\u8f93\u5165\u65f6\u51fa\u73b0\u8fb9\u754c\u9519\u8bef\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51\uff1a\r\nhttps://mbconnectline.com/download-portal/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2025-21147",
"openTime": "2025-09-11",
"patchDescription": "MB CONNECT LINE\u7684mbNET.mini\u662f\u4e00\u6b3e\u4e13\u4e3a\u5de5\u4e1a\u573a\u666f\u8bbe\u8ba1\u7684\u5de5\u4e1a\u8def\u7531\u5668\uff0c\u4e3b\u8981\u7528\u4e8e\u5b9e\u73b0\u673a\u5668\u548c\u7cfb\u7edf\u7684\u5b89\u5168\u8fdc\u7a0b\u8fde\u63a5\u3002\r\n\r\nMB CONNECT LINE mbNET.mini\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5e94\u7528\u5728\u5904\u7406\u4e0d\u53d7\u4fe1\u4efb\u7684\u8f93\u5165\u65f6\u51fa\u73b0\u8fb9\u754c\u9519\u8bef\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "MB CONNECT LINE mbNET.mini\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "MB CONNECT LINE mbNET.mini \u003c2.3.3"
},
"referenceLink": "https://certvde.com/de/advisories/VDE-2025-058",
"serverity": "\u4e2d",
"submitTime": "2025-07-25",
"title": "MB CONNECT LINE mbNET.mini\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
FKIE_CVE-2025-41679
Vulnerability from fkie_nvd - Published: 2025-07-21 10:15 - Updated: 2025-11-06 16:44
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mbconnectline | mbnet.mini_firmware | * | |
| mbconnectline | mbnet.mini | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mbconnectline:mbnet.mini_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73596D99-CA79-4FF6-AEF1-62C751C7FD23",
"versionEndExcluding": "2.3.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mbconnectline:mbnet.mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D1B769-DA91-4F0C-AD34-D735B7A8B8FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado podr\u00eda explotar una vulnerabilidad de desbordamiento de b\u00fafer en el dispositivo, provocando una denegaci\u00f3n de servicio que afecte \u00fanicamente al servicio del asistente de inicializaci\u00f3n de red (Conftool)."
}
],
"id": "CVE-2025-41679",
"lastModified": "2025-11-06T16:44:44.590",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-07-21T10:15:25.133",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Vendor Advisory"
],
"url": "https://certvde.com/de/advisories/VDE-2025-058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://seclists.org/fulldisclosure/2025/Jul/38"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "info@cert.vde.com",
"type": "Secondary"
}
]
}
VAR-202507-2455
Vulnerability from variot - Updated: 2025-11-18 15:11An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service. MB CONNECT LINE's mbNET.mini is an industrial router designed specifically for industrial scenarios, primarily used to enable secure remote connections between machines and systems.
MB CONNECT LINE's mbNET.mini contains a buffer overflow vulnerability. This vulnerability occurs due to a boundary error when processing untrusted input
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202507-2455",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mbnet.mini",
"scope": "lt",
"trust": 1.0,
"vendor": "mbconnectline",
"version": "2.3.3"
},
{
"model": "connect line mbnet.mini",
"scope": "lt",
"trust": 0.6,
"vendor": "mb",
"version": "2.3.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-21147"
},
{
"db": "NVD",
"id": "CVE-2025-41679"
}
]
},
"cve": "CVE-2025-41679",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-21147",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "info@cert.vde.com",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2025-41679",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2025-41679",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "info@cert.vde.com",
"id": "CVE-2025-41679",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2025-41679",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2025-21147",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-21147"
},
{
"db": "NVD",
"id": "CVE-2025-41679"
},
{
"db": "NVD",
"id": "CVE-2025-41679"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service. MB CONNECT LINE\u0027s mbNET.mini is an industrial router designed specifically for industrial scenarios, primarily used to enable secure remote connections between machines and systems. \n\nMB CONNECT LINE\u0027s mbNET.mini contains a buffer overflow vulnerability. This vulnerability occurs due to a boundary error when processing untrusted input",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-41679"
},
{
"db": "CNVD",
"id": "CNVD-2025-21147"
}
],
"trust": 1.44
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT@VDE",
"id": "VDE-2025-058",
"trust": 1.6
},
{
"db": "NVD",
"id": "CVE-2025-41679",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2025-21147",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-21147"
},
{
"db": "NVD",
"id": "CVE-2025-41679"
}
]
},
"id": "VAR-202507-2455",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-21147"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-21147"
}
]
},
"last_update_date": "2025-11-18T15:11:53.093000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for MB CONNECT LINE mbNET.mini buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/731061"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-21147"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2025-41679"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://certvde.com/de/advisories/vde-2025-058"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2025/jul/38"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-21147"
},
{
"db": "NVD",
"id": "CVE-2025-41679"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-21147"
},
{
"db": "NVD",
"id": "CVE-2025-41679"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-09-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-21147"
},
{
"date": "2025-07-21T10:15:25.133000",
"db": "NVD",
"id": "CVE-2025-41679"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-09-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-21147"
},
{
"date": "2025-11-06T16:44:44.590000",
"db": "NVD",
"id": "CVE-2025-41679"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MB CONNECT LINE mbNET.mini buffer overflow vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-21147"
}
],
"trust": 0.6
}
}
VDE-2025-059
Vulnerability from csaf_helmholzgmbhcokg - Published: 2025-07-21 10:00 - Updated: 2025-07-21 10:00Summary
Helmholz: Multiple vulnerabilities in REX 100
Severity
Critical
Notes
Summary: Multiple vulnerabilities in all REX 100 devices with firmware <= 2.3.2 that allow an attacker to gain full control over the device.
Impact: Full control over the device is possible in various ways. For details see CVE description.
Remediation: Update to latest version: 2.3.3
A high privileged remote attacker can execute arbitrary system commands via POST requests in the send_sms action due to improper neutralization of special elements used in an OS command.
7.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
A high privileged remote attacker can execute arbitrary system commands via POST requests in the diagnostic action due to improper neutralization of special elements used in an OS command.
7.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command.
7.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession.
4.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession.
4.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
A high privileged remote attacker can alter the configuration database via POST requests due to improper neutralization of special elements used in a SQL statement.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
Mitigation
|
A high privileged remote attacker can gain persistent XSS via POST requests due to improper neutralization of special elements used to create dynamic content.
4.8 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
References
4 references
Acknowledgments
CERT@VDE
certvde.com
St. Poelten UAS
F. Bruckmoser
M. Eder
J. Heigl
M. Heudorn
G. Hofmarcher
M. Kadlec
M. Pristauz-Telsnigg
S. Resch
P. Schweinzer
M. Gschiel
fhstp.ac.at
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"names": [
"Sebastian Dietz"
],
"organization": "CyberDanube",
"summary": "coordination",
"urls": [
"https://cyberdanube.com/"
]
},
{
"names": [
"F. Bruckmoser",
"M. Eder",
"J. Heigl",
"M. Heudorn",
"G. Hofmarcher",
"M. Kadlec",
"M. Pristauz-Telsnigg",
"S. Resch",
"P. Schweinzer",
"M. Gschiel"
],
"organization": "St. Poelten UAS",
"summary": "reporting",
"urls": [
"https://fhstp.ac.at"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities in all REX 100 devices with firmware \u003c= 2.3.2 that allow an attacker to gain full control over the device.",
"title": "Summary"
},
{
"category": "description",
"text": "Full control over the device is possible in various ways. For details see CVE description.",
"title": "Impact"
},
{
"category": "description",
"text": "Update to latest version: 2.3.3",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@helmholz.de",
"name": "Helmholz GmbH \u0026 Co. KG",
"namespace": "https://www.helmholz.de"
},
"references": [
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Helmholz GmbH \u0026 Co. KG",
"url": "https://certvde.com/en/advisories/vendor/helmholz/"
},
{
"category": "self",
"summary": "VDE-2025-059: Helmholz: Multiple vulnerabilities in REX 100 - HTML",
"url": "https://certvde.com/en/advisories/VDE-2025-059/"
},
{
"category": "self",
"summary": "VDE-2025-059: Helmholz: Multiple vulnerabilities in REX 100 - CSAF",
"url": "https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-059.json"
},
{
"category": "external",
"summary": "Helmholz PSIRT",
"url": "https://www.helmholz.de/service-support/service/security-psirt/"
}
],
"title": "Helmholz: Multiple vulnerabilities in REX 100",
"tracking": {
"aliases": [
"VDE-2025-059"
],
"current_release_date": "2025-07-21T10:00:00.000Z",
"generator": {
"date": "2025-07-15T14:45:33.644Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.30"
}
},
"id": "VDE-2025-059",
"initial_release_date": "2025-07-21T10:00:00.000Z",
"revision_history": [
{
"date": "2025-07-21T10:00:00.000Z",
"number": "1",
"summary": "Initial revision."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "REX 100",
"product": {
"name": "REX 100",
"product_id": "CSAFPID-11001"
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version",
"name": "2.3.3",
"product": {
"name": "Firmware 2.3.3",
"product_id": "CSAFPID-22001"
}
},
{
"category": "product_version_range",
"name": "\u003c2.3.3",
"product": {
"name": "Firmware \u003c2.3.3",
"product_id": "CSAFPID-21001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "MB connect line"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2.3.3 installed on REX 100",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-11001",
"relates_to_product_reference": "CSAFPID-21001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2.3.3 installed on REX 100",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-11001",
"relates_to_product_reference": "CSAFPID-22001"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-41673",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can execute arbitrary system commands via POST requests in the send_sms action due to improper neutralization of special elements used in an OS command.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 7.2,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41673"
},
{
"cve": "CVE-2025-41674",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can execute arbitrary system commands via POST requests in the diagnostic action due to improper neutralization of special elements used in an OS command.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 7.2,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41674"
},
{
"cve": "CVE-2025-41675",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 7.2,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41675"
},
{
"cve": "CVE-2025-41676",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41676"
},
{
"cve": "CVE-2025-41677",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41677"
},
{
"cve": "CVE-2025-41678",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can alter the configuration database via POST requests due to improper neutralization of special elements used in a SQL statement.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41678"
},
{
"cve": "CVE-2025-41679",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "mitigation",
"details": "Enable \"Lock network configuration (Conftool)\" in device configuration (enabled by default after device comes online for the first time).",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41679"
},
{
"cve": "CVE-2025-41681",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can gain persistent XSS via POST requests due to improper neutralization of special elements used to create dynamic content.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 4.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"temporalScore": 4.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41681"
}
]
}
VDE-2025-058
Vulnerability from csaf_mbconnectlinegmbh - Published: 2025-07-21 10:00 - Updated: 2025-07-21 10:00Summary
MB connect line: Multiple vulnerabilities in mbNET.mini
Severity
Critical
Notes
Summary: Multiple vulnerabilities in all mbNET.mini devices with firmware <= 2.3.2 that allow an attacker to gain full control over the device.
Impact: Full control over the device is possible in various ways. For details see CVE description.
Remediation: Update to latest version: 2.3.3
A high privileged remote attacker can execute arbitrary system commands via POST requests in the send_sms action due to improper neutralization of special elements used in an OS command.
7.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
A high privileged remote attacker can execute arbitrary system commands via POST requests in the diagnostic action due to improper neutralization of special elements used in an OS command.
7.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command.
7.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession.
4.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession.
4.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
A high privileged remote attacker can alter the configuration database via POST requests due to improper neutralization of special elements used in a SQL statement.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Vendor Fix
Mitigation
|
A high privileged remote attacker can gain persistent XSS via POST requests due to improper neutralization of special elements used to create dynamic content.
4.8 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31002 | — |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — |
Mitigation
Vendor Fix
|
References
4 references
Acknowledgments
CERT@VDE
certvde.com
St. Poelten UAS
F. Bruckmoser
M. Eder
J. Heigl
M. Heudorn
G. Hofmarcher
M. Kadlec
M. Pristauz-Telsnigg
S. Resch
P. Schweinzer
M. Gschiel
fhstp.ac.at
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"names": [
"Sebastian Dietz"
],
"organization": "CyberDanube",
"summary": "coordination",
"urls": [
"https://cyberdanube.com/"
]
},
{
"names": [
"F. Bruckmoser",
"M. Eder",
"J. Heigl",
"M. Heudorn",
"G. Hofmarcher",
"M. Kadlec",
"M. Pristauz-Telsnigg",
"S. Resch",
"P. Schweinzer",
"M. Gschiel"
],
"organization": "St. Poelten UAS",
"summary": "reporting",
"urls": [
"https://fhstp.ac.at"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities in all mbNET.mini devices with firmware \u003c= 2.3.2 that allow an attacker to gain full control over the device.",
"title": "Summary"
},
{
"category": "description",
"text": "Full control over the device is possible in various ways. For details see CVE description.",
"title": "Impact"
},
{
"category": "description",
"text": "Update to latest version: 2.3.3",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "security-team@mbconnectline.de",
"name": "MB connect line GmbH",
"namespace": "https://mbconnectline.com"
},
"references": [
{
"category": "external",
"summary": "CERT@VDE Security Advisories for MB connect line GmbH",
"url": "https://certvde.com/en/advisories/vendor/mbconnectline/"
},
{
"category": "self",
"summary": "VDE-2025-058: MB connect line: Multiple vulnerabilities in mbNET.mini - HTML",
"url": "https://certvde.com/en/advisories/VDE-2025-058/"
},
{
"category": "self",
"summary": "VDE-2025-058: MB connect line: Multiple vulnerabilities in mbNET.mini - CSAF",
"url": "https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-058.json"
},
{
"category": "external",
"summary": "MB connect line PSIRT",
"url": "https://mbconnectline.com/security/"
}
],
"title": "MB connect line: Multiple vulnerabilities in mbNET.mini",
"tracking": {
"aliases": [
"VDE-2025-058"
],
"current_release_date": "2025-07-21T10:00:00.000Z",
"generator": {
"date": "2025-07-15T14:45:24.023Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.29"
}
},
"id": "VDE-2025-058",
"initial_release_date": "2025-07-21T10:00:00.000Z",
"revision_history": [
{
"date": "2025-07-21T10:00:00.000Z",
"number": "1",
"summary": "Initial revision."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "mbNET.mini",
"product": {
"name": "mbNET.mini",
"product_id": "CSAFPID-11001"
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version",
"name": "2.3.3",
"product": {
"name": "Firmware 2.3.3",
"product_id": "CSAFPID-22001"
}
},
{
"category": "product_version_range",
"name": "\u003c2.3.3",
"product": {
"name": "Firmware \u003c2.3.3",
"product_id": "CSAFPID-21001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "MB connect line"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2.3.3 installed on mbNET.mini",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-11001",
"relates_to_product_reference": "CSAFPID-21001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2.3.3 installed on mbNET.mini",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-11001",
"relates_to_product_reference": "CSAFPID-22001"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-41673",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can execute arbitrary system commands via POST requests in the send_sms action due to improper neutralization of special elements used in an OS command.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 7.2,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41673"
},
{
"cve": "CVE-2025-41674",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can execute arbitrary system commands via POST requests in the diagnostic action due to improper neutralization of special elements used in an OS command.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 7.2,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41674"
},
{
"cve": "CVE-2025-41675",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 7.2,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41675"
},
{
"cve": "CVE-2025-41676",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41676"
},
{
"cve": "CVE-2025-41677",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41677"
},
{
"cve": "CVE-2025-41678",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can alter the configuration database via POST requests due to improper neutralization of special elements used in a SQL statement.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41678"
},
{
"cve": "CVE-2025-41679",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "mitigation",
"details": "Enable \"Lock network configuration (Conftool)\" in device configuration (enabled by default after device comes online for the first time).",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41679"
},
{
"cve": "CVE-2025-41681",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "description",
"text": "A high privileged remote attacker can gain persistent XSS via POST requests due to improper neutralization of special elements used to create dynamic content.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-31002"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As this is an authenticated exploit, you can mitigate it by making sure that no malicious actor can login to a vulnerable device.",
"product_ids": [
"CSAFPID-31001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest version: 2.3.3",
"product_ids": [
"CSAFPID-31001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 4.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"temporalScore": 4.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-41681"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…