Lucene search
K
WeintekEasyweb

9 matches found

CVE
CVE
added 2026/03/03 12:0 a.m.17 views

CVE-2024-55027

The CVE-2024-55027 entry concerns Weintek cMT-3072XH2 easyweb v2.1.53 (OS v20231011). The vulnerability involves storing credentials in plaintext within the component uac_temp.db, exposing sensitive data and impacting confidentiality. The provided connected sources (Red Hat, NVD, CVE lists, and s...

7.5CVSS5.9AI score0.00215EPSS
CVE
CVE
added 2026/03/03 12:0 a.m.16 views

CVE-2024-55020

CVE-2024-55020 affects Weintek cMT-3072XH2 easyweb Web Version 2.1.53, OS v20231011. The DHCP activation feature exposes a command-injection flaw that allows attackers to run arbitrary commands with root privileges. CVSSv3.1: Network, Privileges None, User Interaction None, Impact: High (Confiden...

9.8CVSS6.2AI score0.01665EPSS
CVE
CVE
added 2026/03/03 12:0 a.m.14 views

CVE-2024-55019

Weintek cMT-3072XH2 easyweb Web Version v2.1.53 (OS v20231011) contains an access-control flaw in the download_wb.cgi component that allows unauthenticated users to download arbitrary files. The vulnerability is tied to incorrect access control in the relevant web interface, enabling potential da...

7.5CVSS6AI score0.00294EPSS
CVE
CVE
added 2026/03/03 12:0 a.m.14 views

CVE-2024-55021

The CVE-2024-55021 entry concerns Weintek cMT-3072XH2 easyweb v2.1.53 running OS v20231011, which reportedly contains a hardcoded password in the FTP protocol. The Red Hat/NVD references confirm an affected product and indicate an impact on confidentiality (C: High) with no integrity or availabil...

7.5CVSS5.9AI score0.00337EPSS
CVE
CVE
added 2026/03/03 12:0 a.m.14 views

CVE-2024-55022

CVE-2024-55022 affects Weintek cMT-3072XH2 easyweb v2.1.53 on OS v20231011. An authenticated command injection vulnerability exists in the HMI Name parameter, allowing an attacker with valid credentials to inject commands. Public details indicate a high-severity impact (CVE metrics show high conf...

8.8CVSS5.9AI score0.01285EPSS
CVE
CVE
added 2026/03/03 12:0 a.m.14 views

CVE-2024-55026

CVE-2024-55026 affects Weintek cMT-3072XH2 easyweb (v2.1.53) with OS v20231011. The issue is in the reset_pj.cgi endpoint, where a crafted GET request can lead to arbitrary command execution. Documented impact is high/critical (unauthorized, network-remote access with no user interaction). Root c...

9.8CVSS6.2AI score0.00344EPSS
CVE
CVE
added 2026/03/03 12:0 a.m.12 views

CVE-2024-55024

CVE-2024-55024 affects Weintek cMT-3072XH2 easyweb, v2.1.53, with OS v20231011. The vulnerability is an authentication bypass in the software’s authorization mechanism that allows unauthorized attackers to perform administrative actions using service accounts. Public details in the provided sourc...

9.8CVSS5.9AI score0.00359EPSS
CVE
CVE
added 2026/03/03 12:0 a.m.11 views

CVE-2024-55025

CVE-2024-55025 concerns an access control flaw in the VNC component of Weintek cMT-3072XH2 easyweb, affecting version 2.1.53 on OS 20231011 . The issue permits unauthorized attackers to access the HMI system , per multiple sources. The root cause is described as an incorrect access control mechan...

6.5CVSS5.9AI score0.00302EPSS
CVE
CVE
added 2026/03/03 12:0 a.m.8 views

CVE-2024-55023

Weintek cMT-3072XH2 easyweb v2.1.53 on OS v20231011 contains a hardcoded encryption key, enabling potential access to sensitive information (CVE-2024-55023). Affected component: easyweb (Weintek). Underlying cause: hardcoded key disclosed in description. Documented impact: confidentiality impact ...

5.3CVSS5.9AI score0.00174EPSS