NextGuard
UNKNOWNCVE-2026-33616

MB connect line mbCONNECT24 vulnerable to an unauthenticated SQL injection in the mb24api Endpoint

Platform

other

Component

mbconnect24

View on NVD

An unauthenticated remote attacker can exploit an unauthenticated blind SQL Injection vulnerability in the mb24api endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

How to fix

Actualice mbCONNECT24 a una versión posterior a la 2.19.4. Esto corregirá la vulnerabilidad de inyección SQL y protegerá la confidencialidad de los datos.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free