Plattform
other
Komponente
mbconnect24
Behoben in
2.19.5
2.19.5
CVE-2026-33615 describes a critical SQL Injection vulnerability affecting mbCONNECT24 versions from 0.0.0 to 2.19.4. This vulnerability allows an unauthenticated attacker to inject malicious SQL code through the setinfo endpoint, potentially compromising the entire system. The vulnerability was publicly disclosed on April 2, 2026, and a patch is expected to be released by the vendor.
The SQL Injection vulnerability in mbCONNECT24 poses a significant threat due to its unauthenticated nature and potential for widespread impact. An attacker can exploit this flaw to bypass authentication and directly manipulate the database. This could lead to unauthorized access to sensitive data, including user credentials, configuration information, and potentially even financial records. The description explicitly states a 'total loss of integrity and availability' is possible, indicating the potential for data corruption, denial of service, and complete system compromise. Successful exploitation could mirror the impact seen in other SQL Injection attacks targeting similar database-driven applications, allowing attackers to gain full control of the affected system.
CVE-2026-33615 has been publicly disclosed and carries a CRITICAL CVSS score of 9.1. As of the disclosure date (2026-04-02), there is no indication of active exploitation or inclusion in the CISA KEV catalog. The lack of authentication required for exploitation suggests a high potential for automated scanning and exploitation if a public proof-of-concept is released. Monitor security advisories and threat intelligence feeds for any signs of exploitation.
Organizations utilizing mbCONNECT24 in production environments, particularly those with publicly accessible instances, are at significant risk. This includes businesses relying on mbCONNECT24 for communication or data management, especially those with inadequate security controls or outdated configurations. Shared hosting environments where multiple users share the same mbCONNECT24 instance are also particularly vulnerable.
• generic web: Use curl to test the setinfo endpoint with various SQL injection payloads. Check for error messages or unexpected behavior indicating successful injection.
curl -X POST -d "param='; DROP TABLE users;--" http://your-mbconnect24-server/setinfo• database (mysql): If you have access to the database, review the mbCONNECT24 database logs for suspicious SQL queries or attempts to access sensitive data.
• linux / server: Monitor system logs (e.g., /var/log/auth.log, /var/log/syslog) for unusual activity related to the mbCONNECT24 service or database connections.
disclosure
Exploit-Status
EPSS
0.10% (28% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2026-33615 is to upgrade mbCONNECT24 to a patched version as soon as it becomes available. Until a patch is released, consider implementing temporary workarounds to reduce the attack surface. These may include restricting access to the setinfo endpoint to trusted networks or users, implementing strict input validation on all parameters passed to the endpoint, and enabling Web Application Firewall (WAF) rules to detect and block SQL Injection attempts. Monitor system logs for suspicious activity, particularly SQL errors or unusual database queries. After upgrading, verify the fix by attempting a SQL Injection attack on the setinfo endpoint using a benign payload to confirm that the vulnerability has been successfully remediated.
Aktualisieren Sie mbCONNECT24 auf eine Version nach 2.19.4. Dies behebt die (SQL Injection) Schwachstelle und verhindert den Verlust von Integrität und Verfügbarkeit des Systems.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2026-33615 is a critical SQL Injection vulnerability in mbCONNECT24 versions 0.0.0–2.19.4, allowing unauthenticated attackers to inject malicious SQL code and potentially compromise the entire system.
If you are running mbCONNECT24 versions 0.0.0 through 2.19.4, you are potentially affected by this vulnerability. Assess your exposure and prioritize patching.
The recommended fix is to upgrade to a patched version of mbCONNECT24 as soon as it becomes available. Until then, implement temporary workarounds like WAF rules and input validation.
While no active exploitation has been confirmed, the vulnerability's criticality and ease of exploitation suggest a high likelihood of future attacks. Monitor for suspicious activity.
Refer to the official mbCONNECT24 website or security mailing list for the latest advisory and patch information. Check vendor's security page.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.