Remote Resource Exhaustion Vulnerability in Fast Mail Action by Vendor
CVE-2025-41677

4.9MEDIUM

Key Information:

Vendor: Mb Connect Line
Status: Mbnet.mini; Rex 100
Vendor: CVE Published:; 21 July 2025

🔔 Create Mb Connect Line Vulnerability Alert

What is CVE-2025-41677?

A resource exhaustion vulnerability exists in the Fast Mail Action that allows a remote attacker with high privileges to deplete critical system resources. By sending specially crafted POST requests in rapid succession, an attacker can overwhelm the target system, potentially leading to service degradation or denial of service. This highlights the importance of implementing rate limiting and proper input validation to mitigate such threats.

Affected Version(s)

mbNET.mini 0.0.0 < 2.3.3

REX 100 0.0.0 < 2.3.3

References

https://certvde.com/de/advisories/VDE-2025-058

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 21, 2025
Vulnerability Reserved
Apr 16, 2025

Credit

F. Bruckmoser, M. Eder, J. Heigl, M. Heudorn, G. Hofmarcher, M. Kadlec, M. Pristauz-Telsnigg, S. Resch, P. Schweinzer, M. Gschiel from St. Poelten UAS