Product:

Rex_250_firmware

(Helmholz)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 3
Date Id Summary Products Score Patch Annotated
2023-08-17 CVE-2023-34412 A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS). Rex_200_firmware, Rex_250_firmware, Mbnet\.rokey_rkh_210_firmware, Mbnet\.rokey_rkh_216_firmware, Mbnet\.rokey_rkh_235_firmware, Mbnet\.rokey_rkh_259_firmware, Mbnet_mdh_811_firmware, Mbnet_mdh_816_firmware, Mbnet_mdh_831_firmware, Mbnet_mdh_835_firmware, Mbnet_mdh_841_firmware, Mbnet_mdh_850_firmware, Mbnet_mdh_855_firmware, Mbnet_mdh_858_firmware, Mbnet_mdh_859_firmware, Mbnet_mdh_871_firmware, Mbnet_mdh_876_firmware N/A
2024-10-15 CVE-2024-45272 An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost. Myrex24_v2_virtual_server, Rex_200_firmware, Rex_250_firmware, Rex_300_firmware, Mbconnect24, Mbnet\.rokey_firmware, Mbnet_firmware, Mbnet_hw1_firmware, Mbspider_mdh_905_firmware, Mbspider_mdh_906_firmware, Mbspider_mdh_915_firmware, Mbspider_mdh_916_firmware, Mymbconnect24 N/A
2024-10-15 CVE-2024-45273 An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used. Myrex24_v2_virtual_server, Rex_100_firmware, Rex_200_firmware, Rex_250_firmware, Rex_300_firmware, Mbconnect24, Mbnet\.mini_firmware, Mbnet\.rokey_firmware, Mbnet_firmware, Mbnet_hw1_firmware, Mbspider_mdh_905_firmware, Mbspider_mdh_906_firmware, Mbspider_mdh_915_firmware, Mbspider_mdh_916_firmware, Mymbconnect24 7.8