{"api_version":"1","generated_at":"2026-04-23T17:17:06+00:00","cve":"CVE-2026-33613","urls":{"html":"https://cve.report/CVE-2026-33613","api":"https://cve.report/api/cve/CVE-2026-33613.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-33613","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-33613"},"summary":{"title":"MB connect line mbCONNECT24 vulnerable to RCE in generateSrpArray","description":"Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise.\nThis vulnerability can only be attacked if the attacker has some other way to write arbitrary data to the user table.","state":"PUBLISHED","assigner":"CERTVDE","published_at":"2026-04-02 10:16:15","updated_at":"2026-04-16 15:49:47"},"problem_types":["CWE-78","CWE-78 CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"8.8","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"info@cert.vde.com","type":"Secondary","score":"7.2","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1
","source":"CNA","type":"CVSS","score":"7.2","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-030.json","name":"https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-030.json","refsource":"info@cert.vde.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://certvde.com/de/advisories/VDE-2026-030","name":"https://certvde.com/de/advisories/VDE-2026-030","refsource":"info@cert.vde.com","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-33613","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33613","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"MB connect line","product":"mbCONNECT24","version":"affected 0.0.0 2.19.4 semver","platforms":[]},{"source":"CNA","vendor":"MB connect line","product":"mymbCONNECT24","version":"affected 0.0.0 2.19.4 semver","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"Moritz Abrell, Christian Zäske from SySS 
GmbH","lang":"en"}],"nvd_cpes":[{"cve_year":"2026","cve_id":"33613","vulnerable":"1","versionEndIncluding":"2.19.4","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mbconnectline","cpe5":"mbconnect24","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"33613","vulnerable":"1","versionEndIncluding":"2.19.4","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mbconnectline","cpe5":"mymbconnect24","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"33613","cve":"CVE-2026-33613","epss":"0.001280000","percentile":"0.321840000","score_date":"2026-04-21","updated_at":"2026-04-22 00:07:41"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-33613","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-04-02T13:41:33.794559Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-04-02T13:42:38.209Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"mbCONNECT24","vendor":"MB connect line","versions":[{"lessThanOrEqual":"2.19.4","status":"affected","version":"0.0.0","versionType":"semver"}]},{"defaultStatus":"unaffected","product":"mymbCONNECT24","vendor":"MB connect line","versions":[{"lessThanOrEqual":"2.19.4","status":"affected","version":"0.0.0","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","user":"00000000-0000-4000-9000-000000000000","value":"Moritz Abrell, Christian Zäske from SySS GmbH"}],"datePublic":"2026-04-02T09:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Due to the improper neutralisation of special elements used in an OS 
command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise.<br>This vulnerability can only be attacked if the attacker has some other way to write arbitrary data to the user table.<br>"}],"value":"Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise.\nThis vulnerability can only be attacked if the attacker has some other way to write arbitrary data to the user table."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-02T08:59:34.008Z","orgId":"270ccfa6-a436-4e77-922e-914ec3a9685c","shortName":"CERTVDE"},"references":[{"tags":["vendor-advisory"],"url":"https://certvde.com/de/advisories/VDE-2026-030"},{"tags":["vendor-advisory"],"url":"https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-030.json"}],"source":{"advisory":"VDE-2026-030","defect":["CERT@VDE#641994"],"discovery":"EXTERNAL"},"title":"MB connect line mbCONNECT24 vulnerable to RCE in generateSrpArray","x_generator":{"engine":"Vulnogram 
0.1.0-dev"}}},"cveMetadata":{"assignerOrgId":"270ccfa6-a436-4e77-922e-914ec3a9685c","assignerShortName":"CERTVDE","cveId":"CVE-2026-33613","datePublished":"2026-04-02T08:59:34.008Z","dateReserved":"2026-03-23T13:15:49.381Z","dateUpdated":"2026-04-02T13:42:38.209Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-02 10:16:15","lastModifiedDate":"2026-04-16 15:49:47","problem_types":["CWE-78","CWE-78 CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"],"metrics":{"cvssMetricV31":[{"source":"info@cert.vde.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*:*","versionEndIncluding":"2.19.4","matchCriteriaId":"FF88F461-51FB-482C-A406-07F72FC10D79"},{"vulnerable":true,"criteria":"cpe:2.3:a:mbconnectline:mymbconnect24:*:*:*:*:*:*:*:*","versionEndIncluding":"2.19.4","matchCriteriaId":"36E8693F-94C4-46A4-BD83-D87B71B89F12"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"33613","Ordinal":"1","Title":"MB connect line mbCONNECT24 vulnerable to RCE in 
generateSrpArray","CVE":"CVE-2026-33613","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"33613","Ordinal":"1","NoteData":"Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise.\nThis vulnerability can only be attacked if the attacker has some other way to write arbitrary data to the user table.","Type":"Description","Title":"MB connect line mbCONNECT24 vulnerable to RCE in generateSrpArray"}]}}}