Description
A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected products
- Helmholz / REX 1000.0.0 – 2.3.3
- MB connect line / mbNET.mini0.0.0 – 2.3.3
References
- VENDOR_ADVISORYhttps://certvde.com/de/advisories/VDE-2025-058