Security Advisory

CVE-2026-33616

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-02 08:59:55

Last updated 2026-04-02 13:08:18

Assigner CERTVDE

State PUBLISHED

Description

An unauthenticated remote attacker can exploit an unauthenticated blind SQL Injection vulnerability in the mb24api endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

← Browse all CVEs View on cve.org ↗