Remote Information Disclosure Vulnerability in ABC Inc. Web Application
CVE-2025-3090

8.2HIGH

Key Information:

Vendor: Mb Connect Line
Status: Mbconnect24; Mymbconnect24; Myrex24; Myrex24.virtual
Vendor: CVE Published:; 24 June 2025

🔔 Create Mb Connect Line Vulnerability Alert

What is CVE-2025-3090?

An unauthenticated remote attacker can exploit a flaw in the ABC Inc. web application, allowing them to gain access to sensitive information and potentially cause a denial of service (DoS) by leveraging missing authentication mechanisms for critical functions. This vulnerability highlights the importance of robust authentication protocols to safeguard against unauthorized access and protect user data.

Affected Version(s)

mbCONNECT24 0 < 2.18.0

mymbCONNECT24 0 < 2.18.0

myREX24 0 < 2.18.0

References

https://certvde.com/en/advisories/VDE-2025-034

https://certvde.com/en/advisories/VDE-2025-037

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2025
Vulnerability Reserved
Apr 1, 2025