CVE-2023-34412 (GCVE-0-2023-34412)

Vulnerability from cvelistv5 – Published: 2023-08-17 13:07 – Updated: 2024-08-02 16:10
VLAI?
Title
Stored XXS vulnerability in mbnet, mbnet.rokey, REX 200 and REX 250
Summary
A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS).
Severity ?
4.8 (Medium)
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
CWE
  • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
Vendor Product Version
Red Lion Europe mbNET Affected: 0 , < 7.3.2 (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:10:06.979Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en/advisories/VDE-2023-012/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en/advisories/VDE-2023-029/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "mbNET",
          "vendor": "Red Lion Europe",
          "versions": [
            {
              "lessThan": "7.3.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "mbNET.rokey",
          "vendor": "Red Lion Europe",
          "versions": [
            {
              "lessThan": "7.3.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "REX 200",
          "vendor": "Helmholz",
          "versions": [
            {
              "lessThan": "7.3.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "REX 250",
          "vendor": "Helmholz",
          "versions": [
            {
              "lessThan": "7.3.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an\nauthenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS)."
            }
          ],
          "value": "A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an\nauthenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-16T11:02:33.346Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "url": "https://cert.vde.com/en/advisories/VDE-2023-012/"
        },
        {
          "url": "https://cert.vde.com/en/advisories/VDE-2023-029/"
        }
      ],
      "source": {
        "defect": [
          "CERT@VDE#64536"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Stored XXS vulnerability in mbnet, mbnet.rokey, REX 200 and REX 250",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2023-34412",
    "datePublished": "2023-08-17T13:07:01.697Z",
    "dateReserved": "2023-06-05T12:05:57.451Z",
    "dateUpdated": "2024-08-02T16:10:06.979Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:helmholz:rex_250_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"18903E70-B902-4182-B41D-666EB8C3B61C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:helmholz:rex_250:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53454815-3E7A-4097-8FC7-2F7634DAF7E1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:helmholz:rex_200_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"66925474-A4F6-4D7C-8163-290761406352\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:helmholz:rex_200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28B3785D-8EFF-4A67-88F1-8F9D0EC39D6C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet.rokey_rkh_210_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"498A9C6F-FCEE-44F9-AC64-8C070E9E31A4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet.rokey_rkh_210:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DBA39B6-4D76-44ED-847F-10B2BA96EB0F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet.rokey_rkh_216_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"C2FEA63F-166C-4D08-8F49-8F1962CB97E2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet.rokey_rkh_216:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F530332-3BFB-43D3-AD5F-0B4410543BEA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet.rokey_rkh_235_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"35085939-39A2-482B-802F-77313F1CA63D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet.rokey_rkh_235:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"873AEDC5-A8B6-4B76-8A43-A3C6241ABE09\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet.rokey_rkh_259_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"7EF81568-103C-408A-A575-33588BF5903B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet.rokey_rkh_259:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"031FFFE6-9C5F-47D9-8264-CC7C2D256941\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet_mdh_811_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"EBE73666-D739-4C07-B7B4-31BBC0608C74\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet_mdh_811:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30C680F1-60C6-43BF-BE62-D9D49A609734\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet_mdh_850_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"12FBFD60-81BC-4B25-8AC5-E041E57A870E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet_mdh_850:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C293C0F8-EF07-4F19-A7B6-CE5EC170E042\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet_mdh_871_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"68D51AD3-E614-45C3-8163-9547DCD41FEB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet_mdh_871:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4347DC3-2035-4328-91CE-3ABA912A3B7D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet_mdh_831_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"C06DD90C-4E6D-4836-99CA-16A0F0AAE6E1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet_mdh_831:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A275C2A8-D5B6-4B32-9080-5E41B51B4487\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet_mdh_855_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"D1997B14-061F-47D6-8FF0-266D316211CB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet_mdh_855:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"055F9937-565E-4103-9E2A-0BB274B1D770\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet_mdh_876_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"A72C9074-B9A0-4DF9-9262-0937C6B2B3FF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet_mdh_876:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E152B4F0-44A1-45FD-A541-0E039479DC00\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet_mdh_858_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"745A8264-D4A7-4431-83E0-63FA59A8E575\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet_mdh_858:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0002E5EA-F173-4861-95D9-6996A51F08A0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet_mdh_816_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"CD074843-119D-4738-8F52-D43B825AA472\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet_mdh_816:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B61FB21C-AD6B-4BF8-A303-8C0122276B7A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet_mdh_841_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"EAEF7742-A151-4139-A664-DE482CC1B830\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet_mdh_841:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1C27B28-A5ED-4C25-B0B9-14D1E89A414B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet_mdh_859_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"3AC171EC-9196-4DFA-A07F-C4DC8D1037DD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet_mdh_859:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35427F3B-13D9-42E4-8547-0DC3A2B03662\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redlion:mbnet_mdh_835_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.2\", \"matchCriteriaId\": \"967284B7-89DE-41E7-AD1F-61F0F3530944\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:redlion:mbnet_mdh_835:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53DA2CB3-9C62-4CE1-8DB8-2E7378D162E4\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an\\nauthenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS).\"}]",
      "id": "CVE-2023-34412",
      "lastModified": "2024-11-21T08:07:11.220",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"info@cert.vde.com\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.7, \"impactScore\": 2.7}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 2.7}]}",
      "published": "2023-08-17T14:15:09.700",
      "references": "[{\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-012/\", \"source\": \"info@cert.vde.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-029/\", \"source\": \"info@cert.vde.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-012/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-029/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "info@cert.vde.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"info@cert.vde.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-34412\",\"sourceIdentifier\":\"info@cert.vde.com\",\"published\":\"2023-08-17T14:15:09.700\",\"lastModified\":\"2024-11-21T08:07:11.220\",\"vulnStatus\":\"Undergoing Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an\\nauthenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.7,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:helmholz:rex_250_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"18903E70-B902-4182-B41D-666EB8C3B61C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:helmholz:rex_250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53454815-3E7A-4097-8FC7-2F7634DAF7E1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:helmholz:rex_200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"66925474-A4F6-4D7C-8163-290761406352\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:helmholz:rex_200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28B3785D-8EFF-4A67-88F1-8F9D0EC39D6C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet.rokey_rkh_210_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"498A9C6F-FCEE-44F9-AC64-8C070E9E31A4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet.rokey_rkh_210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DBA39B6-4D76-44ED-847F-10B2BA96EB0F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet.rokey_rkh_216_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"C2FEA63F-166C-4D08-8F49-8F1962CB97E2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet.rokey_rkh_216:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F530332-3BFB-43D3-AD5F-0B4410543BEA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet.rokey_rkh_235_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"35085939-39A2-482B-802F-77313F1CA63D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet.rokey_rkh_235:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"873AEDC5-A8B6-4B76-8A43-A3C6241ABE09\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet.rokey_rkh_259_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"7EF81568-103C-408A-A575-33588BF5903B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet.rokey_rkh_259:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"031FFFE6-9C5F-47D9-8264-CC7C2D256941\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet_mdh_811_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"EBE73666-D739-4C07-B7B4-31BBC0608C74\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet_mdh_811:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30C680F1-60C6-43BF-BE62-D9D49A609734\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet_mdh_850_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"12FBFD60-81BC-4B25-8AC5-E041E57A870E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet_mdh_850:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C293C0F8-EF07-4F19-A7B6-CE5EC170E042\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet_mdh_871_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"68D51AD3-E614-45C3-8163-9547DCD41FEB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet_mdh_871:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4347DC3-2035-4328-91CE-3ABA912A3B7D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet_mdh_831_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"C06DD90C-4E6D-4836-99CA-16A0F0AAE6E1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet_mdh_831:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A275C2A8-D5B6-4B32-9080-5E41B51B4487\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet_mdh_855_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"D1997B14-061F-47D6-8FF0-266D316211CB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet_mdh_855:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"055F9937-565E-4103-9E2A-0BB274B1D770\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet_mdh_876_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"A72C9074-B9A0-4DF9-9262-0937C6B2B3FF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet_mdh_876:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E152B4F0-44A1-45FD-A541-0E039479DC00\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet_mdh_858_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"745A8264-D4A7-4431-83E0-63FA59A8E575\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet_mdh_858:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0002E5EA-F173-4861-95D9-6996A51F08A0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet_mdh_816_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"CD074843-119D-4738-8F52-D43B825AA472\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet_mdh_816:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B61FB21C-AD6B-4BF8-A303-8C0122276B7A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet_mdh_841_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"EAEF7742-A151-4139-A664-DE482CC1B830\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet_mdh_841:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1C27B28-A5ED-4C25-B0B9-14D1E89A414B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet_mdh_859_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"3AC171EC-9196-4DFA-A07F-C4DC8D1037DD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet_mdh_859:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35427F3B-13D9-42E4-8547-0DC3A2B03662\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redlion:mbnet_mdh_835_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.2\",\"matchCriteriaId\":\"967284B7-89DE-41E7-AD1F-61F0F3530944\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:redlion:mbnet_mdh_835:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53DA2CB3-9C62-4CE1-8DB8-2E7378D162E4\"}]}]}],\"references\":[{\"url\":\"https://cert.vde.com/en/advisories/VDE-2023-012/\",\"source\":\"info@cert.vde.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert.vde.com/en/advisories/VDE-2023-029/\",\"source\":\"info@cert.vde.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert.vde.com/en/advisories/VDE-2023-012/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert.vde.com/en/advisories/VDE-2023-029/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.