CVE-2021-27446 Weintek EasyWeb cMT Code Injection

The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system...

CVE-2021-27444 Weintek EasyWeb cMT Improper Access Control

The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator...

CVE-2021-27444 Weintek EasyWeb cMT Improper Access Control

The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator...

CVE-2021-27444

The CVE-2021-27444 issue affects Weintek EasyWeb cMT product line, arising from improper access controls that allow an unauthenticated remote attacker to access sensitive data and perform administrative actions as a legitimate administrator. The CVE is documented with a high/critical impact (CVSS...

CVE-2021-27442 Weintek EasyWeb cMT Cross-site Scripting

The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code...

CVE-2021-27442

The CVE-2021-27442 entry describes a cross-site scripting vulnerability in Weintek EasyWeb cMT (Weintek cMT product line). The issue is triggered in cross-site scripting during web page generation, allowing an unauthenticated remote attacker to inject JavaScript. Affected products include cMT mod...

CVE-2021-27442 Weintek EasyWeb cMT Cross-site Scripting

The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code...

Rusavtomatika Weintek EasyWeb cMT 跨站脚本漏洞

Rusavtomatika Weintek EasyWeb cMT is an application platform of the Russian company Rusavtomatika. It is used to configure the parameters of the human-machine interface. A cross-site scripting vulnerability exists in Rusavtomatika Weintek EasyWeb cMT, which allows unauthenticated, remote attacker...

Rusavtomatika Weintek EasyWeb cMT 安全漏洞

Rusavtomatika Weintek EasyWeb cMT is an application platform of the Russian company Rusavtomatika. It is used to configure the parameters of the human-machine interface. A security vulnerability exists in Rusavtomatika Weintek EasyWeb cMT that allows an unauthenticated attacker to remotely access...

Weintek EasyWeb cMT

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Weintek Equipment: cMT Vulnerabilities: Code Injection, Improper Access Control, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

Rusavtomatika Weintek EasyWeb cMT 代码注入漏洞

Rusavtomatika Weintek EasyWeb cMT is an application platform of the Russian company Rusavtomatika. It is used to configure the parameters of the human-machine interface. A code injection vulnerability exists in Rusavtomatika Weintek EasyWeb cMT that allows an unauthenticated, remote attacker to...

Weintek EasyWeb cMT

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Weintek Equipment: cMT Vulnerabilities: Code Injection, Improper Access Control, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...