Weintek Cmt3071
6 CVEs affecting Weintek Cmt3071. Latest disclosed: 2023-10-19. Critical: 5, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-27446 | Critical | 10.0 | 2022-05-16 | The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on th… |
CVE-2023-43492 | Critical | 9.8 | 2023-10-19 | In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hi… |
CVE-2023-38584 | Critical | 9.8 | 2023-10-19 | In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to h… |
CVE-2021-27444 | Critical | 9.8 | 2022-05-16 | The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sen… |
CVE-2021-27442 | Critical | 9.4 | 2022-05-16 | The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious Ja… |
CVE-2023-40145 | High | 8.8 | 2023-10-19 | In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device. |