127 matches found
PT-2026-22783
Name of the Vulnerable Software and Affected Versions Weintek cMT-3072XH2 easyweb version 2.1.53, OS version 20231011 Description An issue exists in the reset pj.cgi endpoint of the software that allows unauthorized attackers to execute arbitrary commands by submitting a specially crafted GET...
Weintek cMT-3072XH2 easyweb 安全漏洞
Weintek cMT-3072XH2 easyweb is an intelligent human-computer interaction interface developed by Weintek Company in Taiwan, China. The version of Weintek cMT-3072XH2 easyweb v2.1.53 contains a security vulnerability. This vulnerability stems from the unvalidated resetpj.cgi endpoint, which may all...
CVE-2024-55019
Incorrect access control in the component downloadwb.cgi of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows unauthenticated attack to download arbitrary files...
CVE-2024-55026
CVE-2024-55026 affects Weintek cMT-3072XH2 easyweb (v2.1.53) with OS v20231011. The issue is in the reset_pj.cgi endpoint, where a crafted GET request can lead to arbitrary command execution. Documented impact is high/critical (unauthorized, network-remote access with no user interaction). Root c...
CVE-2024-55027
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uactemp.db...
EUVD-2024-55459
A command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attackers to execute arbitrary commands with root privileges...
PT-2026-22777
Name of the Vulnerable Software and Affected Versions Weintek cMT-3072XH2 easyweb Web Version 2.1.53, OS 20231011 Description A command injection issue exists in the DHCP activation feature. Successful exploitation allows attackers to execute arbitrary commands with root privileges. The vulnerabl...
CVE-2024-55026
An issue in the resetpj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request...
EUVD-2024-55461
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter...
CVE-2024-55026
An issue in the resetpj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request...
PT-2026-22780
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow attackers to access sensitive information...
CVE-2024-55022
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter...
CVE-2024-55025
Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...
EUVD-2024-55462
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow attackers to access sensitive information...
CVE-2024-55024
An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform Administrative actions using service accounts...
CVE-2024-55022
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter...
CVE-2024-55027
The CVE-2024-55027 entry concerns Weintek cMT-3072XH2 easyweb v2.1.53 (OS v20231011). The vulnerability involves storing credentials in plaintext within the component uac_temp.db, exposing sensitive data and impacting confidentiality. The provided connected sources (Red Hat, NVD, CVE lists, and s...
PT-2026-22779
Name of the Vulnerable Software and Affected Versions Weintek cMT-3072XH2 easyweb version 2.1.53, OS version 20231011 Description The software contains an authenticated command injection issue. The issue is triggered via the HMI Name parameter. An attacker with valid credentials can inject...
Weintek cMT-3072XH2 easyweb 安全漏洞
Weintek cMT-3072XH2 easyweb is an intelligent human-computer interaction interface developed by Weintek Company in Taiwan, China. The version v2.1.53 of Weintek cMT-3072XH2 easyweb contains a security vulnerability. This vulnerability stems from a command injection vulnerability in the DHCP...
CVE-2024-55021
The CVE-2024-55021 entry concerns Weintek cMT-3072XH2 easyweb v2.1.53 running OS v20231011, which reportedly contains a hardcoded password in the FTP protocol. The Red Hat/NVD references confirm an affected product and indicate an impact on confidentiality (C: High) with no integrity or availabil...