Weintek Cmt3103_firmware

6 CVEs affecting Weintek Cmt3103_firmware. Latest disclosed: 2023-10-19. Critical: 5, High: 1.

Top CVEs affecting Weintek Cmt3103_firmware
CVESeverityScorePublishedSummary
CVE-2021-27446Critical10.02022-05-16The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on th…
CVE-2023-43492Critical9.82023-10-19 In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hi…
CVE-2023-38584Critical9.82023-10-19 In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to h…
CVE-2021-27444Critical9.82022-05-16The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sen…
CVE-2021-27442Critical9.42022-05-16The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious Ja…
CVE-2023-40145High8.82023-10-19 In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.