57 matches found
CVE-2024-55027
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uactemp.db...
CVE-2024-55021
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol...
CVE-2024-55022
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter...
CVE-2024-55024
An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform Administrative actions using service accounts...
CVE-2024-55026
An issue in the resetpj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request...
CVE-2024-55023
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow attackers to access sensitive information...
CVE-2024-55023
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow attackers to access sensitive information...
CVE-2024-55020
A command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attackers to execute arbitrary commands with root privileges...
CVE-2024-55020
A command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attackers to execute arbitrary commands with root privileges...
CVE-2024-55020
A command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attackers to execute arbitrary commands with root privileges...
CVE-2024-55020
CVE-2024-55020 affects Weintek cMT-3072XH2 easyweb Web Version 2.1.53, OS v20231011. The DHCP activation feature exposes a command-injection flaw that allows attackers to run arbitrary commands with root privileges. CVSSv3.1: Network, Privileges None, User Interaction None, Impact: High (Confiden...
CVE-2024-55022
CVE-2024-55022 affects Weintek cMT-3072XH2 easyweb v2.1.53 on OS v20231011. An authenticated command injection vulnerability exists in the HMI Name parameter, allowing an attacker with valid credentials to inject commands. Public details indicate a high-severity impact (CVE metrics show high conf...
PT-2026-22781
Name of the Vulnerable Software and Affected Versions Weintek cMT-3072XH2 easyweb version 2.1.53, OS version 20231011 Description An authentication bypass exists in the authorization mechanism of the software. This allows unauthorized attackers to perform administrative actions using service...
EUVD-2024-55464
Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...
CVE-2024-55025
CVE-2024-55025 concerns an access control flaw in the VNC component of Weintek cMT-3072XH2 easyweb, affecting version 2.1.53 on OS 20231011 . The issue permits unauthorized attackers to access the HMI system , per multiple sources. The root cause is described as an incorrect access control mechan...
Weintek cMT-3072XH2 easyweb 安全漏洞
Weintek cMT-3072XH2 easyweb is an intelligent human-computer interaction interface developed by Weintek Company in Taiwan, China. The version of Weintek cMT-3072XH2 easyweb v2.1.53 contains a security vulnerability. This vulnerability stems from an authorization mechanism that allows bypass of...
CVE-2024-55026
An issue in the resetpj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request...
Weintek cMT 安全漏洞
Weintek cMT is a human-computer interface application developed by Weintek Corporation. Version 2.1.53 of Weintek cMT contains a security vulnerability, which stems from hard-coded passwords in the FTP protocol...
Weintek cMT 安全漏洞
Weintek cMT is a human-computer interface application developed by Weintek Corporation. Version 2.1.53 of Weintek cMT contains a security vulnerability, which stems from the uactemp.db component storing credentials in plaintext...
PT-2026-22777
Name of the Vulnerable Software and Affected Versions Weintek cMT-3072XH2 easyweb Web Version 2.1.53, OS 20231011 Description A command injection issue exists in the DHCP activation feature. Successful exploitation allows attackers to execute arbitrary commands with root privileges. The vulnerabl...