Approved changes feed: RSS · Atom
cpe:2.3:a:mbconnectline:mbdialup:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Mbconnectline (9053089b-610a-5565-bb20-e8df004a7da3) |
|---|---|
| Product | Mbdialup (ebd70fb2-8742-5402-a994-ff313842411c) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-33527 |
vulnerable | 2026-06-03 14:44:43.377925 |
OS Command Injection in mbDIALUP <= 3.9R0.0
CRITICAL (9.8)
In MB connect line mbDIALUP versions <= 3.9R0.0 a remote attacker can send a specifically crafted HTTP request to the service running with NT AUTHORITY\SYSTEM that will not correctly validate the input. This can lead to an arbitrary code execution with the privileges of the service.
Published: 2021-08-02T10:24:31.012Z
Updated: 2024-09-16T17:42:36.084Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-33526 |
vulnerable | 2026-06-03 14:44:43.377480 |
Privilege escalation in mbDIALUP <= 3.9R0.0
HIGH (7.8)
In MB connect line mbDIALUP versions <= 3.9R0.0 a low privileged local attacker can send a command to the service running with NT AUTHORITY\SYSTEM instructing it to execute a malicous OpenVPN configuration resulting in arbitrary code execution with the privileges of the service.
Published: 2021-08-02T10:24:29.999Z
Updated: 2024-09-17T01:56:14.438Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.