Vulnerability Details CVE-2026-33617
An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in a some loss of confidentiality, but there is no endpoint exposed to use these credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.5%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2026-33617
-
cpe:2.3:a:mbconnectline:mbconnect24:-
-
cpe:2.3:a:mbconnectline:mbconnect24:2.11.2
-
cpe:2.3:a:mbconnectline:mbconnect24:2.13.3
-
cpe:2.3:a:mbconnectline:mbconnect24:2.13.4
-
cpe:2.3:a:mbconnectline:mbconnect24:2.14.2
-
cpe:2.3:a:mbconnectline:mbconnect24:2.16.2
-
cpe:2.3:a:mbconnectline:mbconnect24:2.16.3
-
cpe:2.3:a:mbconnectline:mbconnect24:2.5.0
-
cpe:2.3:a:mbconnectline:mbconnect24:2.6.1
-
cpe:2.3:a:mbconnectline:mbconnect24:2.6.2
-
cpe:2.3:a:mbconnectline:mbconnect24:2.8.0
-
cpe:2.3:a:mbconnectline:mymbconnect24:-
-
cpe:2.3:a:mbconnectline:mymbconnect24:2.11.2
-
cpe:2.3:a:mbconnectline:mymbconnect24:2.13.3
-
cpe:2.3:a:mbconnectline:mymbconnect24:2.13.4
-
cpe:2.3:a:mbconnectline:mymbconnect24:2.14.2
-
cpe:2.3:a:mbconnectline:mymbconnect24:2.16.2
-
cpe:2.3:a:mbconnectline:mymbconnect24:2.16.3
-
cpe:2.3:a:mbconnectline:mymbconnect24:2.5.0
-
cpe:2.3:a:mbconnectline:mymbconnect24:2.6.1
-
cpe:2.3:a:mbconnectline:mymbconnect24:2.6.2
-
cpe:2.3:a:mbconnectline:mymbconnect24:2.8.0