CVE-2026-40816

Vulnerability

An unauthenticated SQL injection vulnerability exists in the _mb24confi_getTagAlarm function within the mb24alarm.php file of MB connect line's mbCONNECT24 and mymbCONNECT24 products. The vulnerability arises from improper neutralization of special elements used in a SQL SELECT command. The affected product versions are not explicitly listed in the available references, but the advisory covers mbCONNECT24 and mymbCONNECT24 [1].

Exploitation

An unauthenticated remote attacker can exploit this vulnerability by sending a crafted HTTP request to the mb24alarm.php endpoint with malicious SQL input in the relevant parameter. No authentication or prior access is required. The attacker only needs network connectivity to the vulnerable service.

Impact

Successful exploitation results in a total loss of confidentiality. The attacker can execute arbitrary SQL queries against the underlying database, potentially extracting sensitive data stored in the application. The impact is limited to confidentiality; integrity and availability are not directly affected according to the description.

Mitigation

Not yet disclosed in the available references. The advisory from CERT VDE was published on May 27, 2026, but no fixed version or workaround is provided. Users should monitor vendor updates for mbCONNECT24 and mymbCONNECT24 for a patch [1].