CVE-2025-41677
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-21
Last updated on: 2025-11-06
Assigner: CERT VDE
Description
Description
A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mbconnectline | mbnet.mini_firmware | to 2.3.3 (exc) |
| mbconnectline | mbnet.mini | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows a highly privileged remote attacker to exhaust critical system resources by sending specially crafted POST requests repeatedly to the send-mail action, potentially causing a denial of service.
How can this vulnerability impact me? :
The vulnerability can lead to exhaustion of critical system resources, which may result in denial of service, affecting system availability and potentially disrupting normal operations.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70