Weintek Cmt-3072xh2_firmware

9 CVEs affecting Weintek Cmt-3072xh2_firmware. Latest disclosed: 2026-03-03. Critical: 3, High: 4.

Top CVEs affecting Weintek Cmt-3072xh2_firmware
CVESeverityScorePublishedSummary
CVE-2024-55026Critical9.82026-03-03An issue in the reset_pj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supp…
CVE-2024-55024Critical9.82026-03-03An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to per…
CVE-2024-55020Critical9.82026-03-03A command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attackers to execute a…
CVE-2024-55022High8.82026-03-03Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter.
CVE-2024-55027High7.52026-03-03Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uac_temp.db.
CVE-2024-55021High7.52026-03-03Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol.
CVE-2024-55019High7.52026-03-03Incorrect access control in the component download_wb.cgi of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows unauthenticated attack to dow…
CVE-2024-55025Medium6.52026-03-03Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system.
CVE-2024-55023Medium5.32026-03-03Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow attackers to access sensitive informat…