CISA has published an advisory on SQL injection, cross-site request forgery, and command injection vulnerabilities in MB connect line mbCONNECT24 and mymbCONNECT 24. For both products, versions 2.6.1 and prior are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to gain unauthorized access to arbitrary information or allow remote code execution. MB connect line recommends users update mymbCONNECT24 and mbCONNECT24 to Version 2.6.2 or higher. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.
You are here
Related Resources
May 29, 2025 in Cybersecurity, in Security Preparedness
May 29, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness
May 29, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness