Vulnerability Database

302,156

Total vulnerabilities in the database

CVE-2023-34412

A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS).

Published: Aug 17, 2023
Updated: Nov 16, 2025
CVE: CVE-2023-34412
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.8
AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
helmholz / rex_250_firmware	-	7.3.2
helmholz / rex_200_firmware	-	7.3.2
redlion / mbnet.rokey_rkh_210_firmware	-	7.3.2
redlion / mbnet.rokey_rkh_216_firmware	-	7.3.2
redlion / mbnet.rokey_rkh_235_firmware	-	7.3.2
redlion / mbnet.rokey_rkh_259_firmware	-	7.3.2
redlion / mbnet_mdh_811_firmware	-	7.3.2
redlion / mbnet_mdh_850_firmware	-	7.3.2
redlion / mbnet_mdh_871_firmware	-	7.3.2
redlion / mbnet_mdh_831_firmware	-	7.3.2
redlion / mbnet_mdh_855_firmware	-	7.3.2
redlion / mbnet_mdh_876_firmware	-	7.3.2
redlion / mbnet_mdh_858_firmware	-	7.3.2
redlion / mbnet_mdh_816_firmware	-	7.3.2
redlion / mbnet_mdh_841_firmware	-	7.3.2
redlion / mbnet_mdh_859_firmware	-	7.3.2
redlion / mbnet_mdh_835_firmware	-	7.3.2

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo