Lucene search
K

127 matches found

NVD
NVD
added 2026/03/03 8:16 p.m.13 views

CVE-2024-55026

An issue in the resetpj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request...

9.8CVSS0.00344EPSS
Exploits0References2
NVD
NVD
added 2026/03/03 8:16 p.m.12 views

CVE-2024-55027

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uactemp.db...

7.5CVSS0.00215EPSS
Exploits0References2
NVD
NVD
added 2026/03/03 8:16 p.m.12 views

CVE-2024-55023

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow attackers to access sensitive information...

5.3CVSS0.00174EPSS
Exploits0References2
OSV
OSV
added 2026/03/03 8:16 p.m.4 views

CVE-2024-55020

A command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attackers to execute arbitrary commands with root privileges...

9.8CVSS6.1AI score0.01665EPSS
Exploits0References2
NVD
NVD
added 2026/03/03 8:16 p.m.8 views

CVE-2024-55020

A command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attackers to execute arbitrary commands with root privileges...

9.8CVSS0.01665EPSS
Exploits0References2
NVD
NVD
added 2026/03/03 8:16 p.m.14 views

CVE-2024-55019

Incorrect access control in the component downloadwb.cgi of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows unauthenticated attack to download arbitrary files...

7.5CVSS0.00294EPSS
Exploits0References2
OSV
OSV
added 2026/03/03 8:16 p.m.6 views

CVE-2024-55019

Incorrect access control in the component downloadwb.cgi of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows unauthenticated attack to download arbitrary files...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/03 12:0 a.m.19 views

CVE-2024-55020

A command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attackers to execute arbitrary commands with root privileges...

0.01665EPSS
Exploits0References2
CVE
CVE
added 2026/03/03 12:0 a.m.14 views

CVE-2024-55020

CVE-2024-55020 affects Weintek cMT-3072XH2 easyweb Web Version 2.1.53, OS v20231011. The DHCP activation feature exposes a command-injection flaw that allows attackers to run arbitrary commands with root privileges. CVSSv3.1: Network, Privileges None, User Interaction None, Impact: High (Confiden...

9.8CVSS6.2AI score0.01665EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2026/03/03 12:0 a.m.11 views

CVE-2024-55022

CVE-2024-55022 affects Weintek cMT-3072XH2 easyweb v2.1.53 on OS v20231011. An authenticated command injection vulnerability exists in the HMI Name parameter, allowing an attacker with valid credentials to inject commands. Public details indicate a high-severity impact (CVE metrics show high conf...

8.8CVSS5.9AI score0.01285EPSS
Exploits0References2Affected Software2
EUVD
EUVD
added 2026/03/03 12:0 a.m.3 views

EUVD-2024-55462

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow attackers to access sensitive information...

5.3CVSS5.9AI score0.00174EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/03 12:0 a.m.4 views

CVE-2024-55022

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter...

5.9AI score0.01285EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/03 12:0 a.m.3 views

CVE-2024-55027

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uactemp.db...

5.9AI score0.00215EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/03 12:0 a.m.3 views

CVE-2024-55024

An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform Administrative actions using service accounts...

8.8CVSS5.9AI score0.00359EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/03 12:0 a.m.2 views

CVE-2024-55019

Incorrect access control in the component downloadwb.cgi of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows unauthenticated attack to download arbitrary files...

6.5CVSS6AI score0.00294EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.3 views

PT-2026-22781

Name of the Vulnerable Software and Affected Versions Weintek cMT-3072XH2 easyweb version 2.1.53, OS version 20231011 Description An authentication bypass exists in the authorization mechanism of the software. This allows unauthorized attackers to perform administrative actions using service...

8.8CVSS6AI score0.00359EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/03 12:0 a.m.6 views

EUVD-2024-55463

An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform Administrative actions using service accounts...

8.8CVSS5.9AI score0.00359EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/03 12:0 a.m.2 views

EUVD-2024-55464

Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...

6.5CVSS5.9AI score0.00302EPSS
Exploits0References2
CVE
CVE
added 2026/03/03 12:0 a.m.11 views

CVE-2024-55025

CVE-2024-55025 concerns an access control flaw in the VNC component of Weintek cMT-3072XH2 easyweb, affecting version 2.1.53 on OS 20231011 . The issue permits unauthorized attackers to access the HMI system , per multiple sources. The root cause is described as an incorrect access control mechan...

6.5CVSS5.9AI score0.00302EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/03/03 12:0 a.m.3 views

CVE-2024-55025

Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...

6.5CVSS5.9AI score0.00302EPSS
Exploits0References3
Rows per page
Query Builder