CVE

CVE-2021-34574

admin

CVE-2021-34574

In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an authenticated attacker can change the password of his account into a new password that violates the password policy by intercepting and modifying the request that is send to the server.

Source: CVE-2021-34574

Exit mobile version