CVE-2023-40145

🗓️ 19 Oct 2023 19:26:20Reported by icscertType

In Weintek's cMT3000 HMI Web CGI, allows arbitrary command execution

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2023-40145	20 Oct 202300:34	–	circl
CNNVD	Weintek cMT Operating System Command Injection Vulnerability	13 Oct 202300:00	–	cnnvd
Cvelist	CVE-2023-40145 Weintek cMT3000 HMI Web CGI OS Command Injection	19 Oct 202319:26	–	cvelist
EUVD	EUVD-2023-44752	3 Oct 202520:07	–	euvd
ICS	Weintek cMT3000 HMI Web CGI	12 Oct 202306:00	–	ics
NVD	CVE-2023-40145	19 Oct 202320:15	–	nvd
OSV	CVE-2023-40145	19 Oct 202320:15	–	osv
Prion	Command injection	19 Oct 202320:15	–	prion
Vulnrichment	CVE-2023-40145 Weintek cMT3000 HMI Web CGI OS Command Injection	19 Oct 202319:26	–	vulnrichment

NVD

Vulners

Node

weintek cmt-fhd_firmwareRange<20210212

AND

weintek cmt-fhdMatch-

Node

weintek cmt-hdm_firmwareRange<20210206

AND

weintek cmt-hdmMatch-

Node

weintek cmt3071_firmwareRange<20210220

AND

weintek cmt3071Match-

Node

weintek cmt3072_firmwareRange<20210220

AND

weintek cmt3072Match-

Node

weintek cmt3090_firmwareRange<20210220

AND

weintek cmt3090Match-

Node

weintek cmt3103_firmwareRange<20210220

AND

weintek cmt3103Match-

Node

weintek cmt3151_firmwareRange<20210220

AND

weintek cmt3151Match-

[
  {
    "defaultStatus": "unaffected",
    "product": "cMT-FHD",
    "vendor": "Weintek",
    "versions": [
      {
        "lessThanOrEqual": "20210210 ",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "cMT-HDM",
    "vendor": "Weintek",
    "versions": [
      {
        "lessThanOrEqual": "20210204 ",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "cMT3071",
    "vendor": "Weintek",
    "versions": [
      {
        "lessThanOrEqual": "20210218",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "cMT3072",
    "vendor": "Weintek",
    "versions": [
      {
        "lessThanOrEqual": "20210218",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "cMT3103",
    "vendor": "Weintek",
    "versions": [
      {
        "lessThanOrEqual": "20210218",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "cMT3090",
    "vendor": "Weintek",
    "versions": [
      {
        "lessThanOrEqual": "20210218",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "cMT3151",
    "vendor": "Weintek",
    "versions": [
      {
        "lessThanOrEqual": "20210218",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/news-events/ics-advisories/icsa-23-285-12
dl	www.dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf

21 Nov 2024 08:18Current

9.1High risk

Vulners AI Score9.1

CVSS 3.18.8

EPSS0.00406

SSVC

CWE-78