Search criteria
18 vulnerabilities found for cmt3071_firmware by weintek
FKIE_CVE-2023-43492
Vulnerability from fkie_nvd - Published: 2023-10-19 20:15 - Updated: 2024-11-21 08:24
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf | Exploit, Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| weintek | cmt-fhd_firmware | * | |
| weintek | cmt-fhd | - | |
| weintek | cmt-hdm_firmware | * | |
| weintek | cmt-hdm | - | |
| weintek | cmt3071_firmware | * | |
| weintek | cmt3071 | - | |
| weintek | cmt3072_firmware | * | |
| weintek | cmt3072 | - | |
| weintek | cmt3090_firmware | * | |
| weintek | cmt3090 | - | |
| weintek | cmt3103_firmware | * | |
| weintek | cmt3103 | - | |
| weintek | cmt3151_firmware | * | |
| weintek | cmt3151 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-fhd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33538560-F796-4D1D-AA52-63DB5FD817BF",
"versionEndExcluding": "20210212",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-fhd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A132B170-A1FC-4D38-9965-0FF47B944FD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-hdm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52502356-D835-4468-BCA6-875177B562F8",
"versionEndExcluding": "20210206",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-hdm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E08E3518-A03F-486D-B67A-013F67026D78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3071_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "210A03BC-C9BB-4832-BDB2-2EB5E87FD13A",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3071:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DE53C8-09D5-4D5E-97EE-A89E1478CD65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3072_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17422509-5131-48A3-8C9A-ECA4332C33F0",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3072:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F83A8D-1489-48AA-911B-5BA561A57896",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3090_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5B9225-364C-46BD-BCB4-E151923855CC",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3090:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79C1F694-08A2-46E7-95C2-8DFA3D64423B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3103_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3651EA3F-5C3F-4893-AF82-E7FDBBAF5EAA",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3103:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F607716E-7B7B-4620-819C-F44341B8C37F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3151_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82F72B48-B2CE-4580-B4CC-49879CA6074B",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3151:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF5326B-5E33-4C11-9AC6-A90357078FCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\n\n\nIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\n\n\n\n"
},
{
"lang": "es",
"value": "En el dispositivo cMT3000 HMI Web CGI de Weintek, el cgi-bin codesys.cgi contiene un desbordamiento de b\u00fafer basado en pila, que podr\u00eda permitir a un atacante an\u00f3nimo secuestrar el flujo de control y evitar la autenticaci\u00f3n de inicio de sesi\u00f3n."
}
],
"id": "CVE-2023-43492",
"lastModified": "2024-11-21T08:24:08.970",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-19T20:15:09.230",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-40145
Vulnerability from fkie_nvd - Published: 2023-10-19 20:15 - Updated: 2024-11-21 08:18
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf | Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| weintek | cmt-fhd_firmware | * | |
| weintek | cmt-fhd | - | |
| weintek | cmt-hdm_firmware | * | |
| weintek | cmt-hdm | - | |
| weintek | cmt3071_firmware | * | |
| weintek | cmt3071 | - | |
| weintek | cmt3072_firmware | * | |
| weintek | cmt3072 | - | |
| weintek | cmt3090_firmware | * | |
| weintek | cmt3090 | - | |
| weintek | cmt3103_firmware | * | |
| weintek | cmt3103 | - | |
| weintek | cmt3151_firmware | * | |
| weintek | cmt3151 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-fhd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33538560-F796-4D1D-AA52-63DB5FD817BF",
"versionEndExcluding": "20210212",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-fhd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A132B170-A1FC-4D38-9965-0FF47B944FD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-hdm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52502356-D835-4468-BCA6-875177B562F8",
"versionEndExcluding": "20210206",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-hdm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E08E3518-A03F-486D-B67A-013F67026D78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3071_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "210A03BC-C9BB-4832-BDB2-2EB5E87FD13A",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3071:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DE53C8-09D5-4D5E-97EE-A89E1478CD65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3072_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17422509-5131-48A3-8C9A-ECA4332C33F0",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3072:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F83A8D-1489-48AA-911B-5BA561A57896",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3090_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5B9225-364C-46BD-BCB4-E151923855CC",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3090:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79C1F694-08A2-46E7-95C2-8DFA3D64423B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3103_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3651EA3F-5C3F-4893-AF82-E7FDBBAF5EAA",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3103:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F607716E-7B7B-4620-819C-F44341B8C37F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3151_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82F72B48-B2CE-4580-B4CC-49879CA6074B",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3151:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF5326B-5E33-4C11-9AC6-A90357078FCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\n\n\nIn Weintek\u0027s cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.\n\n\n\n"
},
{
"lang": "es",
"value": "En el dispositivo cMT3000 HMI Web CGI de Weintek, un atacante an\u00f3nimo puede ejecutar comandos arbitrarios despu\u00e9s de iniciar sesi\u00f3n en el dispositivo."
}
],
"id": "CVE-2023-40145",
"lastModified": "2024-11-21T08:18:52.030",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-19T20:15:09.150",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-38584
Vulnerability from fkie_nvd - Published: 2023-10-19 20:15 - Updated: 2024-11-21 08:13
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf | Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| weintek | cmt-fhd_firmware | * | |
| weintek | cmt-fhd | - | |
| weintek | cmt-hdm_firmware | * | |
| weintek | cmt-hdm | - | |
| weintek | cmt3071_firmware | * | |
| weintek | cmt3071 | - | |
| weintek | cmt3072_firmware | * | |
| weintek | cmt3072 | - | |
| weintek | cmt3090_firmware | * | |
| weintek | cmt3090 | - | |
| weintek | cmt3103_firmware | * | |
| weintek | cmt3103 | - | |
| weintek | cmt3151_firmware | * | |
| weintek | cmt3151 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-fhd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33538560-F796-4D1D-AA52-63DB5FD817BF",
"versionEndExcluding": "20210212",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-fhd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A132B170-A1FC-4D38-9965-0FF47B944FD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-hdm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52502356-D835-4468-BCA6-875177B562F8",
"versionEndExcluding": "20210206",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-hdm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E08E3518-A03F-486D-B67A-013F67026D78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3071_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "210A03BC-C9BB-4832-BDB2-2EB5E87FD13A",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3071:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DE53C8-09D5-4D5E-97EE-A89E1478CD65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3072_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17422509-5131-48A3-8C9A-ECA4332C33F0",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3072:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F83A8D-1489-48AA-911B-5BA561A57896",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3090_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5B9225-364C-46BD-BCB4-E151923855CC",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3090:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79C1F694-08A2-46E7-95C2-8DFA3D64423B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3103_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3651EA3F-5C3F-4893-AF82-E7FDBBAF5EAA",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3103:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F607716E-7B7B-4620-819C-F44341B8C37F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3151_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82F72B48-B2CE-4580-B4CC-49879CA6074B",
"versionEndExcluding": "20210220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3151:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF5326B-5E33-4C11-9AC6-A90357078FCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\nIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\n\n"
},
{
"lang": "es",
"value": "En el dispositivo cMT3000 HMI Web CGI de Weintek, cgi-bin command_wb.cgi contiene un desbordamiento de b\u00fafer basado en pila, que podr\u00eda permitir a un atacante an\u00f3nimo secuestrar el flujo de control y evitar la autenticaci\u00f3n de inicio de sesi\u00f3n."
}
],
"id": "CVE-2023-38584",
"lastModified": "2024-11-21T08:13:52.743",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-19T20:15:09.047",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-27442
Vulnerability from fkie_nvd - Published: 2022-05-16 18:15 - Updated: 2024-11-21 05:57
Severity ?
9.4 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf | Mitigation, Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-svr-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9FCBF-CD84-4863-A4E4-613BD228D2CA",
"versionEndExcluding": "20210305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-svr-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "408166F7-5030-4FDA-94CF-4DD2237A1EA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-svr-102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D1FD50-6AD9-4F6F-84A2-1646542350CC",
"versionEndExcluding": "20210305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-svr-102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE3CBE0-6B56-4405-91E2-15DB0C6E7967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-svr-200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "176DF351-ECB2-44F8-9009-48B76D9EB867",
"versionEndExcluding": "20210305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-svr-200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "673841CB-C2D6-486C-8C5D-0180173196D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-svr-202_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7AA6AD2-B144-437E-B185-4BD47703A54B",
"versionEndExcluding": "20210305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-svr-202:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB57299A-5F53-44A5-B1D3-2E554180562B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-g01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5985D77C-E9BF-4E1B-8128-A0737281B8FA",
"versionEndExcluding": "20210209",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-g01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0ADA01D-E62C-4D53-B70D-BFB750CA2B52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-g02_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF566CC-966E-48E9-B6C9-F6CA52FFEAA1",
"versionEndExcluding": "20210209",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-g02:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB93C5F-4C71-4337-B72F-FE9B6E5CF83C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-g03_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F59201D7-3D0B-446F-90B9-FD19C9DB04C0",
"versionEndExcluding": "20210222",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-g03:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61343FB6-5943-4FE7-9E3C-56F184622B7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-g04_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F264AD39-4A3F-4273-A951-6DCB6768E82F",
"versionEndExcluding": "20210222",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-g04:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BCB236-F9AC-4729-BCAF-F005250C0F2E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3071_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37D305D8-34F6-4BEF-99D4-CF4A18EFA9D3",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3071:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DE53C8-09D5-4D5E-97EE-A89E1478CD65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3072_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A20906F-F91F-486A-9340-8D22C93C19AE",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3072:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F83A8D-1489-48AA-911B-5BA561A57896",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3090_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A84ABF9C-EC9B-4CBF-967F-5F38DCD32A16",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3090:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79C1F694-08A2-46E7-95C2-8DFA3D64423B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3103_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B70E20F8-83E0-45C9-B02F-D1957AD47C6A",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3103:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F607716E-7B7B-4620-819C-F44341B8C37F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3151_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5065F83-0BD0-44B1-9E64-8689F0F3B4D0",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3151:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF5326B-5E33-4C11-9AC6-A90357078FCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-hdm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A793B51-28F7-4A17-BD4C-74C2FCA053FC",
"versionEndExcluding": "20210204",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-hdm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E08E3518-A03F-486D-B67A-013F67026D78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-fhd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81DBEE28-6A04-43E0-9C5E-592162179896",
"versionEndExcluding": "20210208",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-fhd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A132B170-A1FC-4D38-9965-0FF47B944FD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-ctrl01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38F4698D-B9D6-42E4-9867-9BDCC2F2F2A8",
"versionEndExcluding": "20210302",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-ctrl01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9CB899-1EE6-4599-861D-9BBA4856E5CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code."
},
{
"lang": "es",
"value": "La l\u00ednea de productos Weintek cMT es vulnerable a una vulnerabilidad de tipo Cross-site scripting, que podr\u00eda permitir a un atacante remoto no autenticado inyectar c\u00f3digo JavaScript malicioso"
}
],
"id": "CVE-2021-27442",
"lastModified": "2024-11-21T05:57:59.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-16T18:15:08.043",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
}
]
}
FKIE_CVE-2021-27444
Vulnerability from fkie_nvd - Published: 2022-05-16 18:15 - Updated: 2024-11-21 05:57
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf | Mitigation, Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-svr-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9FCBF-CD84-4863-A4E4-613BD228D2CA",
"versionEndExcluding": "20210305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-svr-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "408166F7-5030-4FDA-94CF-4DD2237A1EA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-svr-102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D1FD50-6AD9-4F6F-84A2-1646542350CC",
"versionEndExcluding": "20210305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-svr-102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE3CBE0-6B56-4405-91E2-15DB0C6E7967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-svr-200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "176DF351-ECB2-44F8-9009-48B76D9EB867",
"versionEndExcluding": "20210305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-svr-200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "673841CB-C2D6-486C-8C5D-0180173196D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-svr-202_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7AA6AD2-B144-437E-B185-4BD47703A54B",
"versionEndExcluding": "20210305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-svr-202:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB57299A-5F53-44A5-B1D3-2E554180562B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-g01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5985D77C-E9BF-4E1B-8128-A0737281B8FA",
"versionEndExcluding": "20210209",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-g01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0ADA01D-E62C-4D53-B70D-BFB750CA2B52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-g02_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF566CC-966E-48E9-B6C9-F6CA52FFEAA1",
"versionEndExcluding": "20210209",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-g02:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB93C5F-4C71-4337-B72F-FE9B6E5CF83C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-g03_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F59201D7-3D0B-446F-90B9-FD19C9DB04C0",
"versionEndExcluding": "20210222",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-g03:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61343FB6-5943-4FE7-9E3C-56F184622B7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-g04_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F264AD39-4A3F-4273-A951-6DCB6768E82F",
"versionEndExcluding": "20210222",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-g04:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BCB236-F9AC-4729-BCAF-F005250C0F2E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3071_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37D305D8-34F6-4BEF-99D4-CF4A18EFA9D3",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3071:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DE53C8-09D5-4D5E-97EE-A89E1478CD65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3072_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A20906F-F91F-486A-9340-8D22C93C19AE",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3072:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F83A8D-1489-48AA-911B-5BA561A57896",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3090_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A84ABF9C-EC9B-4CBF-967F-5F38DCD32A16",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3090:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79C1F694-08A2-46E7-95C2-8DFA3D64423B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3103_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B70E20F8-83E0-45C9-B02F-D1957AD47C6A",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3103:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F607716E-7B7B-4620-819C-F44341B8C37F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3151_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5065F83-0BD0-44B1-9E64-8689F0F3B4D0",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3151:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF5326B-5E33-4C11-9AC6-A90357078FCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-hdm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A793B51-28F7-4A17-BD4C-74C2FCA053FC",
"versionEndExcluding": "20210204",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-hdm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E08E3518-A03F-486D-B67A-013F67026D78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-fhd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81DBEE28-6A04-43E0-9C5E-592162179896",
"versionEndExcluding": "20210208",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-fhd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A132B170-A1FC-4D38-9965-0FF47B944FD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-ctrl01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38F4698D-B9D6-42E4-9867-9BDCC2F2F2A8",
"versionEndExcluding": "20210302",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-ctrl01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9CB899-1EE6-4599-861D-9BBA4856E5CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator."
},
{
"lang": "es",
"value": "La l\u00ednea de productos Weintek cMT es vulnerable a varios controles de acceso inapropiados, que pueden permitir a un atacante no autenticado acceder y descargar remotamente informaci\u00f3n confidencial y llevar a cabo acciones administrativas en nombre de un administrador leg\u00edtimo"
}
],
"id": "CVE-2021-27444",
"lastModified": "2024-11-21T05:57:59.987",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-16T18:15:08.110",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-27446
Vulnerability from fkie_nvd - Published: 2022-05-16 18:15 - Updated: 2024-11-21 05:58
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf | Mitigation, Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-svr-100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9FCBF-CD84-4863-A4E4-613BD228D2CA",
"versionEndExcluding": "20210305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-svr-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "408166F7-5030-4FDA-94CF-4DD2237A1EA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-svr-102_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D1FD50-6AD9-4F6F-84A2-1646542350CC",
"versionEndExcluding": "20210305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-svr-102:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE3CBE0-6B56-4405-91E2-15DB0C6E7967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-svr-200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "176DF351-ECB2-44F8-9009-48B76D9EB867",
"versionEndExcluding": "20210305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-svr-200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "673841CB-C2D6-486C-8C5D-0180173196D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-svr-202_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7AA6AD2-B144-437E-B185-4BD47703A54B",
"versionEndExcluding": "20210305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-svr-202:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB57299A-5F53-44A5-B1D3-2E554180562B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-g01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5985D77C-E9BF-4E1B-8128-A0737281B8FA",
"versionEndExcluding": "20210209",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-g01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0ADA01D-E62C-4D53-B70D-BFB750CA2B52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-g02_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF566CC-966E-48E9-B6C9-F6CA52FFEAA1",
"versionEndExcluding": "20210209",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-g02:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB93C5F-4C71-4337-B72F-FE9B6E5CF83C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-g03_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F59201D7-3D0B-446F-90B9-FD19C9DB04C0",
"versionEndExcluding": "20210222",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-g03:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61343FB6-5943-4FE7-9E3C-56F184622B7B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-g04_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F264AD39-4A3F-4273-A951-6DCB6768E82F",
"versionEndExcluding": "20210222",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-g04:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BCB236-F9AC-4729-BCAF-F005250C0F2E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3071_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37D305D8-34F6-4BEF-99D4-CF4A18EFA9D3",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3071:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DE53C8-09D5-4D5E-97EE-A89E1478CD65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3072_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A20906F-F91F-486A-9340-8D22C93C19AE",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3072:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F83A8D-1489-48AA-911B-5BA561A57896",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3090_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A84ABF9C-EC9B-4CBF-967F-5F38DCD32A16",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3090:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79C1F694-08A2-46E7-95C2-8DFA3D64423B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3103_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B70E20F8-83E0-45C9-B02F-D1957AD47C6A",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3103:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F607716E-7B7B-4620-819C-F44341B8C37F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt3151_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5065F83-0BD0-44B1-9E64-8689F0F3B4D0",
"versionEndExcluding": "20210218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt3151:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF5326B-5E33-4C11-9AC6-A90357078FCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-hdm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A793B51-28F7-4A17-BD4C-74C2FCA053FC",
"versionEndExcluding": "20210204",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-hdm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E08E3518-A03F-486D-B67A-013F67026D78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-fhd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81DBEE28-6A04-43E0-9C5E-592162179896",
"versionEndExcluding": "20210208",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-fhd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A132B170-A1FC-4D38-9965-0FF47B944FD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:weintek:cmt-ctrl01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38F4698D-B9D6-42E4-9867-9BDCC2F2F2A8",
"versionEndExcluding": "20210302",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:weintek:cmt-ctrl01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9CB899-1EE6-4599-861D-9BBA4856E5CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system."
},
{
"lang": "es",
"value": "La l\u00ednea de productos Weintek cMT es vulnerable a una inyecci\u00f3n de c\u00f3digo, que puede permitir a un atacante remoto no autenticado ejecutar comandos con privilegios de root en el sistema operativo"
}
],
"id": "CVE-2021-27446",
"lastModified": "2024-11-21T05:58:00.263",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-16T18:15:08.167",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-43492 (GCVE-0-2023-43492)
Vulnerability from cvelistv5 – Published: 2023-10-19 19:28 – Updated: 2025-01-16 21:28
VLAI?
Title
Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow
Summary
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.
Severity ?
9.8 (Critical)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:44:43.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"tags": [
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:22:40.211272Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:28:29.900Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210210 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210204 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3071",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3072",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3103",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3090",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-10-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\n\n\nIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T19:28:59.236Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\u003cp\u003eWeintek recommends users follow their \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf\"\u003eUpgrade Instructions\u003c/a\u003e\u0026nbsp;to update the following products to the latest versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003ecMT-FHD: OS version 20210211\u003c/li\u003e\u003cli\u003ecMT-HDM: OS version 20210205\u003c/li\u003e\u003cli\u003ecMT3071: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3072: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3103: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3090: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3151: OS version 20210219\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor additional information, refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf\"\u003eWeintek\u0027s security bulletin\u003c/a\u003e.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\n\n\nWeintek recommends users follow their Upgrade Instructions https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf \u00a0to update the following products to the latest versions:\n\n * cMT-FHD: OS version 20210211\n * cMT-HDM: OS version 20210205\n * cMT3071: OS version 20210219\n * cMT3072: OS version 20210219\n * cMT3103: OS version 20210219\n * cMT3090: OS version 20210219\n * cMT3151: OS version 20210219\n\n\nFor additional information, refer to Weintek\u0027s security bulletin https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf .\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"advisory": "ICSMA-23-285-12",
"discovery": "EXTERNAL"
},
"title": "Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-43492",
"datePublished": "2023-10-19T19:28:59.236Z",
"dateReserved": "2023-09-20T14:26:47.014Z",
"dateUpdated": "2025-01-16T21:28:29.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40145 (GCVE-0-2023-40145)
Vulnerability from cvelistv5 – Published: 2023-10-19 19:26 – Updated: 2025-01-16 21:28
VLAI?
Title
Weintek cMT3000 HMI Web CGI OS Command Injection
Summary
In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.
Severity ?
8.8 (High)
CWE
- CWE-78 - OS Command Injection
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:24:55.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"tags": [
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40145",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:20:09.729366Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:28:39.035Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210210 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210204 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3071",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3072",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3103",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3090",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-10-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn Weintek\u0027s cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\n\n\nIn Weintek\u0027s cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T19:26:20.948Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\u003cp\u003eWeintek recommends users follow their \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf\"\u003eUpgrade Instructions\u003c/a\u003e\u0026nbsp;to update the following products to the latest versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003ecMT-FHD: OS version 20210211\u003c/li\u003e\u003cli\u003ecMT-HDM: OS version 20210205\u003c/li\u003e\u003cli\u003ecMT3071: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3072: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3103: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3090: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3151: OS version 20210219\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor additional information, refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf\"\u003eWeintek\u0027s security bulletin\u003c/a\u003e.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\n\n\nWeintek recommends users follow their Upgrade Instructions https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf \u00a0to update the following products to the latest versions:\n\n * cMT-FHD: OS version 20210211\n * cMT-HDM: OS version 20210205\n * cMT3071: OS version 20210219\n * cMT3072: OS version 20210219\n * cMT3103: OS version 20210219\n * cMT3090: OS version 20210219\n * cMT3151: OS version 20210219\n\n\nFor additional information, refer to Weintek\u0027s security bulletin https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf .\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"advisory": "ICSMA-23-285-12",
"discovery": "EXTERNAL"
},
"title": "Weintek cMT3000 HMI Web CGI OS Command Injection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-40145",
"datePublished": "2023-10-19T19:26:20.948Z",
"dateReserved": "2023-09-20T14:26:47.028Z",
"dateUpdated": "2025-01-16T21:28:39.035Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38584 (GCVE-0-2023-38584)
Vulnerability from cvelistv5 – Published: 2023-10-19 19:20 – Updated: 2025-01-16 21:28
VLAI?
Title
Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow
Summary
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.
Severity ?
9.8 (Critical)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"tags": [
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38584",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:22:44.800664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:28:46.086Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210210 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210204 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3071",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3072",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3103",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3090",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-10-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\nIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T19:20:20.059Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\u003cp\u003eWeintek recommends users follow their \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf\"\u003eUpgrade Instructions\u003c/a\u003e\u0026nbsp;to update the following products to the latest versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003ecMT-FHD: OS version 20210211\u003c/li\u003e\u003cli\u003ecMT-HDM: OS version 20210205\u003c/li\u003e\u003cli\u003ecMT3071: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3072: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3103: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3090: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3151: OS version 20210219\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor additional information, refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf\"\u003eWeintek\u0027s security bulletin\u003c/a\u003e.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\n\n\nWeintek recommends users follow their Upgrade Instructions https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf \u00a0to update the following products to the latest versions:\n\n * cMT-FHD: OS version 20210211\n * cMT-HDM: OS version 20210205\n * cMT3071: OS version 20210219\n * cMT3072: OS version 20210219\n * cMT3103: OS version 20210219\n * cMT3090: OS version 20210219\n * cMT3151: OS version 20210219\n\n\nFor additional information, refer to Weintek\u0027s security bulletin https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf .\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"advisory": "ICSMA-23-285-12",
"discovery": "EXTERNAL"
},
"title": "Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-38584",
"datePublished": "2023-10-19T19:20:20.059Z",
"dateReserved": "2023-09-20T14:26:47.021Z",
"dateUpdated": "2025-01-16T21:28:46.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27446 (GCVE-0-2021-27446)
Vulnerability from cvelistv5 – Published: 2022-05-16 17:15 – Updated: 2025-04-16 16:21
VLAI?
Title
Weintek EasyWeb cMT Code Injection
Summary
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system.
Severity ?
10 (Critical)
CWE
- CWE-94 - Code Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Weintek | cMT-SVR-1xx/2xx |
Affected:
unspecified , < 20210305
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
Marcin Dudek from CERT.PL reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:17.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-27446",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:54:54.929455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:21:16.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cMT-SVR-1xx/2xx",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210305",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G01/G02",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210209",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G03/G04",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210222",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210218",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210208",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-CTRL01",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"datePublic": "2021-03-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:15:44.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"solutions": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Weintek EasyWeb cMT Code Injection",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-03-23T17:00:00.000Z",
"ID": "CVE-2021-27446",
"STATE": "PUBLIC",
"TITLE": "Weintek EasyWeb cMT Code Injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cMT-SVR-1xx/2xx",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210305"
}
]
}
},
{
"product_name": "cMT-G01/G02",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210209"
}
]
}
},
{
"product_name": "cMT-G03/G04",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210222"
}
]
}
},
{
"product_name": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT-HDM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210204"
}
]
}
},
{
"product_name": "cMT-FHD",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210208"
}
]
}
},
{
"product_name": "cMT-CTRL01",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210302"
}
]
}
}
]
},
"vendor_name": "Weintek"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Code Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"name": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf",
"refsource": "CONFIRM",
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
]
},
"solution": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27446",
"datePublished": "2022-05-16T17:15:44.847Z",
"dateReserved": "2021-02-19T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:21:16.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27444 (GCVE-0-2021-27444)
Vulnerability from cvelistv5 – Published: 2022-05-16 17:15 – Updated: 2025-04-16 16:21
VLAI?
Title
Weintek EasyWeb cMT Improper Access Control
Summary
The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator.
Severity ?
9.8 (Critical)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Weintek | cMT-SVR-1xx/2xx |
Affected:
unspecified , < 20210305
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
Marcin Dudek from CERT.PL reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:17.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-27444",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:54:59.080295Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:21:25.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cMT-SVR-1xx/2xx",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210305",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G01/G02",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210209",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G03/G04",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210222",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210218",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210208",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-CTRL01",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"datePublic": "2021-03-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:15:15.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"solutions": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Weintek EasyWeb cMT Improper Access Control",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-03-23T17:00:00.000Z",
"ID": "CVE-2021-27444",
"STATE": "PUBLIC",
"TITLE": "Weintek EasyWeb cMT Improper Access Control"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cMT-SVR-1xx/2xx",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210305"
}
]
}
},
{
"product_name": "cMT-G01/G02",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210209"
}
]
}
},
{
"product_name": "cMT-G03/G04",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210222"
}
]
}
},
{
"product_name": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT-HDM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210204"
}
]
}
},
{
"product_name": "cMT-FHD",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210208"
}
]
}
},
{
"product_name": "cMT-CTRL01",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210302"
}
]
}
}
]
},
"vendor_name": "Weintek"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"name": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf",
"refsource": "CONFIRM",
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
]
},
"solution": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27444",
"datePublished": "2022-05-16T17:15:15.597Z",
"dateReserved": "2021-02-19T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:21:25.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27442 (GCVE-0-2021-27442)
Vulnerability from cvelistv5 – Published: 2022-05-16 17:13 – Updated: 2025-04-16 16:21
VLAI?
Title
Weintek EasyWeb cMT Cross-site Scripting
Summary
The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code.
Severity ?
9.4 (Critical)
CWE
- CWE-79 - Cross-site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Weintek | cMT-SVR-1xx/2xx |
Affected:
unspecified , < 20210305
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
Marcin Dudek from CERT.PL reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:17.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-27442",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:55:04.749781Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:21:32.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cMT-SVR-1xx/2xx",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210305",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G01/G02",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210209",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G03/G04",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210222",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210218",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210208",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-CTRL01",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"datePublic": "2021-03-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Cross-site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:13:17.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"solutions": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Weintek EasyWeb cMT Cross-site Scripting",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-03-23T17:00:00.000Z",
"ID": "CVE-2021-27442",
"STATE": "PUBLIC",
"TITLE": "Weintek EasyWeb cMT Cross-site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cMT-SVR-1xx/2xx",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210305"
}
]
}
},
{
"product_name": "cMT-G01/G02",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210209"
}
]
}
},
{
"product_name": "cMT-G03/G04",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210222"
}
]
}
},
{
"product_name": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT-HDM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210204"
}
]
}
},
{
"product_name": "cMT-FHD",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210208"
}
]
}
},
{
"product_name": "cMT-CTRL01",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210302"
}
]
}
}
]
},
"vendor_name": "Weintek"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Cross-site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"name": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf",
"refsource": "CONFIRM",
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
]
},
"solution": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27442",
"datePublished": "2022-05-16T17:13:17.743Z",
"dateReserved": "2021-02-19T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:21:32.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43492 (GCVE-0-2023-43492)
Vulnerability from nvd – Published: 2023-10-19 19:28 – Updated: 2025-01-16 21:28
VLAI?
Title
Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow
Summary
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.
Severity ?
9.8 (Critical)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:44:43.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"tags": [
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:22:40.211272Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:28:29.900Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210210 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210204 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3071",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3072",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3103",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3090",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-10-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\n\n\nIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T19:28:59.236Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\u003cp\u003eWeintek recommends users follow their \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf\"\u003eUpgrade Instructions\u003c/a\u003e\u0026nbsp;to update the following products to the latest versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003ecMT-FHD: OS version 20210211\u003c/li\u003e\u003cli\u003ecMT-HDM: OS version 20210205\u003c/li\u003e\u003cli\u003ecMT3071: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3072: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3103: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3090: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3151: OS version 20210219\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor additional information, refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf\"\u003eWeintek\u0027s security bulletin\u003c/a\u003e.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\n\n\nWeintek recommends users follow their Upgrade Instructions https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf \u00a0to update the following products to the latest versions:\n\n * cMT-FHD: OS version 20210211\n * cMT-HDM: OS version 20210205\n * cMT3071: OS version 20210219\n * cMT3072: OS version 20210219\n * cMT3103: OS version 20210219\n * cMT3090: OS version 20210219\n * cMT3151: OS version 20210219\n\n\nFor additional information, refer to Weintek\u0027s security bulletin https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf .\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"advisory": "ICSMA-23-285-12",
"discovery": "EXTERNAL"
},
"title": "Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-43492",
"datePublished": "2023-10-19T19:28:59.236Z",
"dateReserved": "2023-09-20T14:26:47.014Z",
"dateUpdated": "2025-01-16T21:28:29.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40145 (GCVE-0-2023-40145)
Vulnerability from nvd – Published: 2023-10-19 19:26 – Updated: 2025-01-16 21:28
VLAI?
Title
Weintek cMT3000 HMI Web CGI OS Command Injection
Summary
In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.
Severity ?
8.8 (High)
CWE
- CWE-78 - OS Command Injection
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:24:55.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"tags": [
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40145",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:20:09.729366Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:28:39.035Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210210 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210204 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3071",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3072",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3103",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3090",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-10-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn Weintek\u0027s cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\n\n\nIn Weintek\u0027s cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T19:26:20.948Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\u003cp\u003eWeintek recommends users follow their \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf\"\u003eUpgrade Instructions\u003c/a\u003e\u0026nbsp;to update the following products to the latest versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003ecMT-FHD: OS version 20210211\u003c/li\u003e\u003cli\u003ecMT-HDM: OS version 20210205\u003c/li\u003e\u003cli\u003ecMT3071: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3072: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3103: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3090: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3151: OS version 20210219\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor additional information, refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf\"\u003eWeintek\u0027s security bulletin\u003c/a\u003e.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\n\n\nWeintek recommends users follow their Upgrade Instructions https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf \u00a0to update the following products to the latest versions:\n\n * cMT-FHD: OS version 20210211\n * cMT-HDM: OS version 20210205\n * cMT3071: OS version 20210219\n * cMT3072: OS version 20210219\n * cMT3103: OS version 20210219\n * cMT3090: OS version 20210219\n * cMT3151: OS version 20210219\n\n\nFor additional information, refer to Weintek\u0027s security bulletin https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf .\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"advisory": "ICSMA-23-285-12",
"discovery": "EXTERNAL"
},
"title": "Weintek cMT3000 HMI Web CGI OS Command Injection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-40145",
"datePublished": "2023-10-19T19:26:20.948Z",
"dateReserved": "2023-09-20T14:26:47.028Z",
"dateUpdated": "2025-01-16T21:28:39.035Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38584 (GCVE-0-2023-38584)
Vulnerability from nvd – Published: 2023-10-19 19:20 – Updated: 2025-01-16 21:28
VLAI?
Title
Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow
Summary
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.
Severity ?
9.8 (Critical)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"tags": [
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38584",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:22:44.800664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:28:46.086Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210210 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210204 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3071",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3072",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3103",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3090",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-10-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\nIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T19:20:20.059Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\u003cp\u003eWeintek recommends users follow their \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf\"\u003eUpgrade Instructions\u003c/a\u003e\u0026nbsp;to update the following products to the latest versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003ecMT-FHD: OS version 20210211\u003c/li\u003e\u003cli\u003ecMT-HDM: OS version 20210205\u003c/li\u003e\u003cli\u003ecMT3071: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3072: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3103: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3090: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3151: OS version 20210219\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor additional information, refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf\"\u003eWeintek\u0027s security bulletin\u003c/a\u003e.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\n\n\nWeintek recommends users follow their Upgrade Instructions https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf \u00a0to update the following products to the latest versions:\n\n * cMT-FHD: OS version 20210211\n * cMT-HDM: OS version 20210205\n * cMT3071: OS version 20210219\n * cMT3072: OS version 20210219\n * cMT3103: OS version 20210219\n * cMT3090: OS version 20210219\n * cMT3151: OS version 20210219\n\n\nFor additional information, refer to Weintek\u0027s security bulletin https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf .\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"advisory": "ICSMA-23-285-12",
"discovery": "EXTERNAL"
},
"title": "Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-38584",
"datePublished": "2023-10-19T19:20:20.059Z",
"dateReserved": "2023-09-20T14:26:47.021Z",
"dateUpdated": "2025-01-16T21:28:46.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27446 (GCVE-0-2021-27446)
Vulnerability from nvd – Published: 2022-05-16 17:15 – Updated: 2025-04-16 16:21
VLAI?
Title
Weintek EasyWeb cMT Code Injection
Summary
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system.
Severity ?
10 (Critical)
CWE
- CWE-94 - Code Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Weintek | cMT-SVR-1xx/2xx |
Affected:
unspecified , < 20210305
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
Marcin Dudek from CERT.PL reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:17.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-27446",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:54:54.929455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:21:16.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cMT-SVR-1xx/2xx",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210305",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G01/G02",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210209",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G03/G04",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210222",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210218",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210208",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-CTRL01",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"datePublic": "2021-03-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:15:44.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"solutions": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Weintek EasyWeb cMT Code Injection",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-03-23T17:00:00.000Z",
"ID": "CVE-2021-27446",
"STATE": "PUBLIC",
"TITLE": "Weintek EasyWeb cMT Code Injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cMT-SVR-1xx/2xx",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210305"
}
]
}
},
{
"product_name": "cMT-G01/G02",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210209"
}
]
}
},
{
"product_name": "cMT-G03/G04",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210222"
}
]
}
},
{
"product_name": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT-HDM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210204"
}
]
}
},
{
"product_name": "cMT-FHD",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210208"
}
]
}
},
{
"product_name": "cMT-CTRL01",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210302"
}
]
}
}
]
},
"vendor_name": "Weintek"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Code Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"name": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf",
"refsource": "CONFIRM",
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
]
},
"solution": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27446",
"datePublished": "2022-05-16T17:15:44.847Z",
"dateReserved": "2021-02-19T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:21:16.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27444 (GCVE-0-2021-27444)
Vulnerability from nvd – Published: 2022-05-16 17:15 – Updated: 2025-04-16 16:21
VLAI?
Title
Weintek EasyWeb cMT Improper Access Control
Summary
The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator.
Severity ?
9.8 (Critical)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Weintek | cMT-SVR-1xx/2xx |
Affected:
unspecified , < 20210305
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
Marcin Dudek from CERT.PL reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:17.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-27444",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:54:59.080295Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:21:25.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cMT-SVR-1xx/2xx",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210305",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G01/G02",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210209",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G03/G04",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210222",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210218",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210208",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-CTRL01",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"datePublic": "2021-03-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:15:15.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"solutions": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Weintek EasyWeb cMT Improper Access Control",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-03-23T17:00:00.000Z",
"ID": "CVE-2021-27444",
"STATE": "PUBLIC",
"TITLE": "Weintek EasyWeb cMT Improper Access Control"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cMT-SVR-1xx/2xx",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210305"
}
]
}
},
{
"product_name": "cMT-G01/G02",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210209"
}
]
}
},
{
"product_name": "cMT-G03/G04",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210222"
}
]
}
},
{
"product_name": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT-HDM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210204"
}
]
}
},
{
"product_name": "cMT-FHD",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210208"
}
]
}
},
{
"product_name": "cMT-CTRL01",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210302"
}
]
}
}
]
},
"vendor_name": "Weintek"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"name": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf",
"refsource": "CONFIRM",
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
]
},
"solution": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27444",
"datePublished": "2022-05-16T17:15:15.597Z",
"dateReserved": "2021-02-19T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:21:25.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27442 (GCVE-0-2021-27442)
Vulnerability from nvd – Published: 2022-05-16 17:13 – Updated: 2025-04-16 16:21
VLAI?
Title
Weintek EasyWeb cMT Cross-site Scripting
Summary
The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code.
Severity ?
9.4 (Critical)
CWE
- CWE-79 - Cross-site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Weintek | cMT-SVR-1xx/2xx |
Affected:
unspecified , < 20210305
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
Marcin Dudek from CERT.PL reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:17.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-27442",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:55:04.749781Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:21:32.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cMT-SVR-1xx/2xx",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210305",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G01/G02",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210209",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G03/G04",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210222",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210218",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210208",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-CTRL01",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"datePublic": "2021-03-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Cross-site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:13:17.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"solutions": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Weintek EasyWeb cMT Cross-site Scripting",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-03-23T17:00:00.000Z",
"ID": "CVE-2021-27442",
"STATE": "PUBLIC",
"TITLE": "Weintek EasyWeb cMT Cross-site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cMT-SVR-1xx/2xx",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210305"
}
]
}
},
{
"product_name": "cMT-G01/G02",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210209"
}
]
}
},
{
"product_name": "cMT-G03/G04",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210222"
}
]
}
},
{
"product_name": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT-HDM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210204"
}
]
}
},
{
"product_name": "cMT-FHD",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210208"
}
]
}
},
{
"product_name": "cMT-CTRL01",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210302"
}
]
}
}
]
},
"vendor_name": "Weintek"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Cross-site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"name": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf",
"refsource": "CONFIRM",
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
]
},
"solution": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27442",
"datePublished": "2022-05-16T17:13:17.743Z",
"dateReserved": "2021-02-19T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:21:32.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}