Search criteria
12 vulnerabilities by Weintek
CVE-2023-5777 (GCVE-0-2023-5777)
Vulnerability from cvelistv5 – Published: 2023-11-06 19:26 – Updated: 2025-01-16 21:26
VLAI?
Title
Weintek EasyBuilder Pro Use of Hard-coded Credentials
Summary
Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server.
Severity ?
9.8 (Critical)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Weintek | EasyBuilder Pro |
Affected:
0 , < v6.07.02
(custom)
Affected: 0 , ≤ 6.08.01.592 (custom) Affected: 0 , ≤ 6.08.02.470 (custom) |
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:32.769Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-05"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5777",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:22:21.675124Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:26:49.870Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EasyBuilder Pro",
"vendor": "Weintek",
"versions": [
{
"lessThan": "v6.07.02",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.08.01.592",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.08.02.470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported this vulnerability to CISA."
}
],
"datePublic": "2023-11-02T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWeintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server.\u003c/span\u003e\n\n\u003c/span\u003e\n\n"
}
],
"value": "\n\n\nWeintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-06T19:26:09.044Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-05"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eWeintek recommends users apply the following mitigations:\u003c/p\u003e\u003cul\u003e\u003cli\u003eUpdate EasyBuilder Pro to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.weintek.com/globalw/Download/Download.aspx\"\u003ev6.08.01.614\u003c/a\u003e\u003c/li\u003e\u003cli\u003eUpdate EasyBuilder Pro to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.weintek.com/globalw/Download/Download.aspx\"\u003ev6.08.02.500\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\n\n\n\n\nWeintek recommends users apply the following mitigations:\n\n * Update EasyBuilder Pro to v6.08.01.614 https://www.weintek.com/globalw/Download/Download.aspx \n * Update EasyBuilder Pro to v6.08.02.500 https://www.weintek.com/globalw/Download/Download.aspx \n\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"advisory": "ICSA-23-306-05",
"discovery": "EXTERNAL"
},
"title": "Weintek EasyBuilder Pro Use of Hard-coded Credentials",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-5777",
"datePublished": "2023-11-06T19:26:09.044Z",
"dateReserved": "2023-10-25T22:32:36.999Z",
"dateUpdated": "2025-01-16T21:26:49.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43492 (GCVE-0-2023-43492)
Vulnerability from cvelistv5 – Published: 2023-10-19 19:28 – Updated: 2025-01-16 21:28
VLAI?
Title
Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow
Summary
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.
Severity ?
9.8 (Critical)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:44:43.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"tags": [
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:22:40.211272Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:28:29.900Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210210 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210204 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3071",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3072",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3103",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3090",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-10-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\n\n\nIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T19:28:59.236Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\u003cp\u003eWeintek recommends users follow their \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf\"\u003eUpgrade Instructions\u003c/a\u003e\u0026nbsp;to update the following products to the latest versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003ecMT-FHD: OS version 20210211\u003c/li\u003e\u003cli\u003ecMT-HDM: OS version 20210205\u003c/li\u003e\u003cli\u003ecMT3071: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3072: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3103: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3090: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3151: OS version 20210219\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor additional information, refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf\"\u003eWeintek\u0027s security bulletin\u003c/a\u003e.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\n\n\nWeintek recommends users follow their Upgrade Instructions https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf \u00a0to update the following products to the latest versions:\n\n * cMT-FHD: OS version 20210211\n * cMT-HDM: OS version 20210205\n * cMT3071: OS version 20210219\n * cMT3072: OS version 20210219\n * cMT3103: OS version 20210219\n * cMT3090: OS version 20210219\n * cMT3151: OS version 20210219\n\n\nFor additional information, refer to Weintek\u0027s security bulletin https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf .\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"advisory": "ICSMA-23-285-12",
"discovery": "EXTERNAL"
},
"title": "Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-43492",
"datePublished": "2023-10-19T19:28:59.236Z",
"dateReserved": "2023-09-20T14:26:47.014Z",
"dateUpdated": "2025-01-16T21:28:29.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40145 (GCVE-0-2023-40145)
Vulnerability from cvelistv5 – Published: 2023-10-19 19:26 – Updated: 2025-01-16 21:28
VLAI?
Title
Weintek cMT3000 HMI Web CGI OS Command Injection
Summary
In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.
Severity ?
8.8 (High)
CWE
- CWE-78 - OS Command Injection
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:24:55.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"tags": [
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40145",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:20:09.729366Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:28:39.035Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210210 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210204 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3071",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3072",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3103",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3090",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-10-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn Weintek\u0027s cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\n\n\nIn Weintek\u0027s cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T19:26:20.948Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\u003cp\u003eWeintek recommends users follow their \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf\"\u003eUpgrade Instructions\u003c/a\u003e\u0026nbsp;to update the following products to the latest versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003ecMT-FHD: OS version 20210211\u003c/li\u003e\u003cli\u003ecMT-HDM: OS version 20210205\u003c/li\u003e\u003cli\u003ecMT3071: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3072: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3103: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3090: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3151: OS version 20210219\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor additional information, refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf\"\u003eWeintek\u0027s security bulletin\u003c/a\u003e.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\n\n\nWeintek recommends users follow their Upgrade Instructions https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf \u00a0to update the following products to the latest versions:\n\n * cMT-FHD: OS version 20210211\n * cMT-HDM: OS version 20210205\n * cMT3071: OS version 20210219\n * cMT3072: OS version 20210219\n * cMT3103: OS version 20210219\n * cMT3090: OS version 20210219\n * cMT3151: OS version 20210219\n\n\nFor additional information, refer to Weintek\u0027s security bulletin https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf .\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"advisory": "ICSMA-23-285-12",
"discovery": "EXTERNAL"
},
"title": "Weintek cMT3000 HMI Web CGI OS Command Injection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-40145",
"datePublished": "2023-10-19T19:26:20.948Z",
"dateReserved": "2023-09-20T14:26:47.028Z",
"dateUpdated": "2025-01-16T21:28:39.035Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38584 (GCVE-0-2023-38584)
Vulnerability from cvelistv5 – Published: 2023-10-19 19:20 – Updated: 2025-01-16 21:28
VLAI?
Title
Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow
Summary
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.
Severity ?
9.8 (Critical)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"tags": [
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38584",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T21:22:44.800664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:28:46.086Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210210 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210204 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3071",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3072",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3103",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3090",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "20210218",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-10-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\nIn Weintek\u0027s cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T19:20:20.059Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\u003cp\u003eWeintek recommends users follow their \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf\"\u003eUpgrade Instructions\u003c/a\u003e\u0026nbsp;to update the following products to the latest versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003ecMT-FHD: OS version 20210211\u003c/li\u003e\u003cli\u003ecMT-HDM: OS version 20210205\u003c/li\u003e\u003cli\u003ecMT3071: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3072: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3103: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3090: OS version 20210219\u003c/li\u003e\u003cli\u003ecMT3151: OS version 20210219\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor additional information, refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf\"\u003eWeintek\u0027s security bulletin\u003c/a\u003e.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\n\n\nWeintek recommends users follow their Upgrade Instructions https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf \u00a0to update the following products to the latest versions:\n\n * cMT-FHD: OS version 20210211\n * cMT-HDM: OS version 20210205\n * cMT3071: OS version 20210219\n * cMT3072: OS version 20210219\n * cMT3103: OS version 20210219\n * cMT3090: OS version 20210219\n * cMT3151: OS version 20210219\n\n\nFor additional information, refer to Weintek\u0027s security bulletin https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf .\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"advisory": "ICSMA-23-285-12",
"discovery": "EXTERNAL"
},
"title": "Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-38584",
"datePublished": "2023-10-19T19:20:20.059Z",
"dateReserved": "2023-09-20T14:26:47.021Z",
"dateUpdated": "2025-01-16T21:28:46.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37362 (GCVE-0-2023-37362)
Vulnerability from cvelistv5 – Published: 2023-07-19 21:50 – Updated: 2025-03-06 15:04
VLAI?
Title
Weintek Weincloud Improper Authentication
Summary
Weintek Weincloud v0.13.6
could allow an attacker to abuse the registration functionality to login with testing credentials to the official website.
Severity ?
7.2 (High)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:09:34.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37362",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T14:20:12.749745Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T14:20:20.599Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Weincloud",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "0.13.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "\u200bHank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-07-18T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWeintek Weincloud v\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e0.13.6\u003c/span\u003e\n\n \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecould allow an attacker to abuse the registration functionality to login with testing credentials to the official website.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "Weintek Weincloud v0.13.6\n\n \n\ncould allow an attacker to abuse the registration functionality to login with testing credentials to the official website."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:04:53.644Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u200bWeintek has updated their account API to v0.13.8, which has fixed the issue. This fix does not require any action for users.\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "\u200bWeintek has updated their account API to v0.13.8, which has fixed the issue. This fix does not require any action for users."
}
],
"source": {
"advisory": "ICSA-23-199-04",
"discovery": "EXTERNAL"
},
"title": "Weintek Weincloud Improper Authentication",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u200bAdditional mitigations are recommended to help reduce risk:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u200bLog in on trusted computers if possible. Log out after usage on un-trusted ones.\u003c/li\u003e\u003cli\u003e\u200bOn the HMIs, if the online services are not used, set to offline mode for EasyAccess 2.0 or Dashboard services using system reserved addresses.\u003c/li\u003e\u003cli\u003e\u200bRegularly change passwords to reduce risks.\u003c/li\u003e\u003cli\u003e\u200bMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible- only applicable devices and/or systems have access to the internet.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "\u200bAdditional mitigations are recommended to help reduce risk:\n\n * \u200bLog in on trusted computers if possible. Log out after usage on un-trusted ones.\n * \u200bOn the HMIs, if the online services are not used, set to offline mode for EasyAccess 2.0 or Dashboard services using system reserved addresses.\n * \u200bRegularly change passwords to reduce risks.\n * \u200bMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible- only applicable devices and/or systems have access to the internet."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-37362",
"datePublished": "2023-07-19T21:50:42.036Z",
"dateReserved": "2023-07-13T15:55:48.885Z",
"dateUpdated": "2025-03-06T15:04:53.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32657 (GCVE-0-2023-32657)
Vulnerability from cvelistv5 – Published: 2023-07-19 21:47 – Updated: 2024-10-28 14:20
VLAI?
Title
Weintek Weincloud Improper Restriction of Excessive Authentication Attempts
Summary
Weintek Weincloud v0.13.6
could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses.
Severity ?
5.3 (Medium)
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32657",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T14:20:43.540823Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T14:20:52.959Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Weincloud",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "0.13.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "\u200bHank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-07-18T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWeintek Weincloud v\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e0.13.6\u003c/span\u003e\n\n \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecould \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n"
}
],
"value": "\n\n\nWeintek Weincloud v0.13.6\n\n \n\ncould allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses.\n\n\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-19T21:47:37.160Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u200bWeintek has updated their account API to v0.13.8, which has fixed the issue. This fix does not require any action for users.\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "\n\n\n\n\n\u200bWeintek has updated their account API to v0.13.8, which has fixed the issue. This fix does not require any action for users.\n\n\n\n\n"
}
],
"source": {
"advisory": "ICSA-23-199-04",
"discovery": "EXTERNAL"
},
"title": "Weintek Weincloud Improper Restriction of Excessive Authentication Attempts",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003e\u200bAdditional mitigations are recommended to help reduce risk:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u200bLog in on trusted computers if possible. Log out after usage on un-trusted ones.\u003c/li\u003e\u003cli\u003e\u200bOn the HMIs, if the online services are not used, set to offline mode for EasyAccess 2.0 or Dashboard services using system reserved addresses.\u003c/li\u003e\u003cli\u003e\u200bRegularly change passwords to reduce risks.\u003c/li\u003e\u003cli\u003e\u200bMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible- only applicable devices and/or systems have access to the internet.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "\n\u200bAdditional mitigations are recommended to help reduce risk:\n\n * \u200bLog in on trusted computers if possible. Log out after usage on un-trusted ones.\n * \u200bOn the HMIs, if the online services are not used, set to offline mode for EasyAccess 2.0 or Dashboard services using system reserved addresses.\n * \u200bRegularly change passwords to reduce risks.\n * \u200bMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible- only applicable devices and/or systems have access to the internet.\n\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-32657",
"datePublished": "2023-07-19T21:47:37.160Z",
"dateReserved": "2023-07-13T15:55:48.890Z",
"dateUpdated": "2024-10-28T14:20:52.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34429 (GCVE-0-2023-34429)
Vulnerability from cvelistv5 – Published: 2023-07-19 21:45 – Updated: 2024-10-28 14:29
VLAI?
Title
Weintek Weincloud Improper Handling of Structural Elements
Summary
Weintek Weincloud v0.13.6
could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token.
Severity ?
7.5 (High)
CWE
- CWE-237 - Improper Handling of Structural Elements
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:10:07.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34429",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T14:29:27.447079Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T14:29:40.049Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Weincloud",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "0.13.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "\u200bHank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-07-18T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWeintek Weincloud v\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e0.13.6\u003c/span\u003e\n\n \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecould \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n"
}
],
"value": "\n\n\nWeintek Weincloud v0.13.6\n\n \n\ncould allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token.\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-237",
"description": "CWE-237 Improper Handling of Structural Elements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-19T21:45:39.544Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u200bWeintek has updated their account API to v0.13.8, which has fixed the issue. This fix does not require any action for users.\u003c/p\u003e\u003cp\u003e\u200b\u003c/p\u003e"
}
],
"value": "\n\n\n\n\n\u200bWeintek has updated their account API to v0.13.8, which has fixed the issue. This fix does not require any action for users.\n\n\u200b\n\n"
}
],
"source": {
"advisory": "ICSA-23-199-04",
"discovery": "EXTERNAL"
},
"title": "Weintek Weincloud Improper Handling of Structural Elements",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAdditional mitigations are recommended to help reduce risk:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u200bLog in on trusted computers if possible. Log out after usage on un-trusted ones.\u003c/li\u003e\u003cli\u003e\u200bOn the HMIs, if the online services are not used, set to offline mode for EasyAccess 2.0 or Dashboard services using system reserved addresses.\u003c/li\u003e\u003cli\u003e\u200bRegularly change passwords to reduce risks.\u003c/li\u003e\u003cli\u003e\u200bMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible- only applicable devices and/or systems have access to the internet.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nAdditional mitigations are recommended to help reduce risk:\n\n * \u200bLog in on trusted computers if possible. Log out after usage on un-trusted ones.\n * \u200bOn the HMIs, if the online services are not used, set to offline mode for EasyAccess 2.0 or Dashboard services using system reserved addresses.\n * \u200bRegularly change passwords to reduce risks.\n * \u200bMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible- only applicable devices and/or systems have access to the internet.\n\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-34429",
"datePublished": "2023-07-19T21:45:39.544Z",
"dateReserved": "2023-07-13T15:55:48.894Z",
"dateUpdated": "2024-10-28T14:29:40.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35134 (GCVE-0-2023-35134)
Vulnerability from cvelistv5 – Published: 2023-07-19 21:43 – Updated: 2024-10-28 14:30
VLAI?
Title
Weintek Weincloud Weak Password Recovery Mechanism for Forgotten Password
Summary
Weintek Weincloud v0.13.6
could allow an attacker to reset a password with the corresponding account’s JWT token only.
Severity ?
7.4 (High)
CWE
- CWE-640 - Weak Password Recovery Mechanism for Forgotten Password
Assigner
References
Credits
Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.280Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T14:29:57.942492Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T14:30:07.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Weincloud",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "0.13.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "\u200bHank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"datePublic": "2023-07-18T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWeintek Weincloud v\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e0.13.6\u003c/span\u003e\n\n could allow an attacker to reset a password with the corresponding account\u2019s JWT token only.\u003c/span\u003e\n\n\u003c/span\u003e\n\n"
}
],
"value": "\n\n\nWeintek Weincloud v0.13.6\n\n could allow an attacker to reset a password with the corresponding account\u2019s JWT token only.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-640",
"description": "CWE-640 Weak Password Recovery Mechanism for Forgotten Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-19T21:43:20.562Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u200bWeintek has updated their account API to v0.13.8, which has fixed the issue. This fix does not require any action for users.\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "\n\n\n\n\n\u200bWeintek has updated their account API to v0.13.8, which has fixed the issue. This fix does not require any action for users.\n\n\n\n\n"
}
],
"source": {
"advisory": "ICSA-23-199-04",
"discovery": "EXTERNAL"
},
"title": "Weintek Weincloud Weak Password Recovery Mechanism for Forgotten Password",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003e\u200bAdditional mitigations are recommended to help reduce risk:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u200bLog in on trusted computers if possible. Log out after usage on un-trusted ones.\u003c/li\u003e\u003cli\u003e\u200bOn the HMIs, if the online services are not used, set to offline mode for EasyAccess 2.0 or Dashboard services using system reserved addresses.\u003c/li\u003e\u003cli\u003e\u200bRegularly change passwords to reduce risks.\u003c/li\u003e\u003cli\u003e\u200bMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible- only applicable devices and/or systems have access to the internet.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "\n\u200bAdditional mitigations are recommended to help reduce risk:\n\n * \u200bLog in on trusted computers if possible. Log out after usage on un-trusted ones.\n * \u200bOn the HMIs, if the online services are not used, set to offline mode for EasyAccess 2.0 or Dashboard services using system reserved addresses.\n * \u200bRegularly change passwords to reduce risks.\n * \u200bMinimize network exposure for all control system devices and/or systems, and ensure they are not accessible- only applicable devices and/or systems have access to the internet.\n\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-35134",
"datePublished": "2023-07-19T21:43:20.562Z",
"dateReserved": "2023-07-13T15:55:48.879Z",
"dateUpdated": "2024-10-28T14:30:07.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0104 (GCVE-0-2023-0104)
Vulnerability from cvelistv5 – Published: 2023-02-22 20:25 – Updated: 2025-01-16 21:55
VLAI?
Summary
The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data.
Severity ?
9.3 (Critical)
CWE
- CWE-29 - Path Traversal: '\..\filename'
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Weintek | EasyBuilder Pro cMT |
Affected:
0 , ≤ 6.07.01
(custom)
Affected: 0 , ≤ 6.07.02.479 (custom) Affected: 0 , ≤ 6.08.01.349 (custom) |
Credits
Hank Chen and Mars Cheng of PSIRT and Threat Research of TXOne Networks reported this vulnerability to CISA. Patrick Kuo of TXOne Networks also contributed to this research.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:02:43.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-045-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0104",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T20:21:56.130362Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:55:59.469Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EasyBuilder Pro cMT ",
"vendor": "Weintek",
"versions": [
{
"lessThanOrEqual": "6.07.01",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.07.02.479 ",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.08.01.349 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hank Chen and Mars Cheng of PSIRT and Threat Research of TXOne Networks reported this vulnerability to CISA. Patrick Kuo of TXOne Networks also contributed to this research."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eThe listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user\u2019s computer or gain access to sensitive data. \u0026nbsp; \u003c/p\u003e\u003cbr\u003e\n\n"
}
],
"value": "\nThe listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user\u2019s computer or gain access to sensitive data. \u00a0 \n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-29",
"description": "CWE-29 Path Traversal: \u0027\\..\\filename\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-22T20:25:04.680Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-045-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: var(--wht);\"\u003eWeintek recommends users to implement the following\nmitigation techniques:\u003c/span\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nUpgrade EasyBuilder Pro to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/EBPro/Installer/EBproV60702480.zip\"\u003ev6.07.02.480\u003c/a\u003e,\n\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/EBPro/Installer/EBproV60801350.zip\"\u003ev6.08.01.350\u003c/a\u003e\nor later.\u003c/p\u003e\n\n\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\nUse Decompile only on trusted sources and only when\nneeded.\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "Weintek recommends users to implement the following\nmitigation techniques:\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nUpgrade EasyBuilder Pro to v6.07.02.480 https://dl.weintek.com/EBPro/Installer/EBproV60702480.zip ,\n v6.08.01.350 https://dl.weintek.com/EBPro/Installer/EBproV60801350.zip \nor later.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nUse Decompile only on trusted sources and only when\nneeded.\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-0104",
"datePublished": "2023-02-22T20:25:04.680Z",
"dateReserved": "2023-01-06T18:50:05.156Z",
"dateUpdated": "2025-01-16T21:55:59.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27446 (GCVE-0-2021-27446)
Vulnerability from cvelistv5 – Published: 2022-05-16 17:15 – Updated: 2025-04-16 16:21
VLAI?
Title
Weintek EasyWeb cMT Code Injection
Summary
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system.
Severity ?
10 (Critical)
CWE
- CWE-94 - Code Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Weintek | cMT-SVR-1xx/2xx |
Affected:
unspecified , < 20210305
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
Marcin Dudek from CERT.PL reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:17.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-27446",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:54:54.929455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:21:16.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cMT-SVR-1xx/2xx",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210305",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G01/G02",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210209",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G03/G04",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210222",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210218",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210208",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-CTRL01",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"datePublic": "2021-03-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:15:44.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"solutions": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Weintek EasyWeb cMT Code Injection",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-03-23T17:00:00.000Z",
"ID": "CVE-2021-27446",
"STATE": "PUBLIC",
"TITLE": "Weintek EasyWeb cMT Code Injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cMT-SVR-1xx/2xx",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210305"
}
]
}
},
{
"product_name": "cMT-G01/G02",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210209"
}
]
}
},
{
"product_name": "cMT-G03/G04",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210222"
}
]
}
},
{
"product_name": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT-HDM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210204"
}
]
}
},
{
"product_name": "cMT-FHD",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210208"
}
]
}
},
{
"product_name": "cMT-CTRL01",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210302"
}
]
}
}
]
},
"vendor_name": "Weintek"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Code Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"name": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf",
"refsource": "CONFIRM",
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
]
},
"solution": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27446",
"datePublished": "2022-05-16T17:15:44.847Z",
"dateReserved": "2021-02-19T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:21:16.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27444 (GCVE-0-2021-27444)
Vulnerability from cvelistv5 – Published: 2022-05-16 17:15 – Updated: 2025-04-16 16:21
VLAI?
Title
Weintek EasyWeb cMT Improper Access Control
Summary
The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator.
Severity ?
9.8 (Critical)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Weintek | cMT-SVR-1xx/2xx |
Affected:
unspecified , < 20210305
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
Marcin Dudek from CERT.PL reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:17.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-27444",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:54:59.080295Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:21:25.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cMT-SVR-1xx/2xx",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210305",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G01/G02",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210209",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G03/G04",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210222",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210218",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210208",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-CTRL01",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"datePublic": "2021-03-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:15:15.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"solutions": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Weintek EasyWeb cMT Improper Access Control",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-03-23T17:00:00.000Z",
"ID": "CVE-2021-27444",
"STATE": "PUBLIC",
"TITLE": "Weintek EasyWeb cMT Improper Access Control"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cMT-SVR-1xx/2xx",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210305"
}
]
}
},
{
"product_name": "cMT-G01/G02",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210209"
}
]
}
},
{
"product_name": "cMT-G03/G04",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210222"
}
]
}
},
{
"product_name": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT-HDM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210204"
}
]
}
},
{
"product_name": "cMT-FHD",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210208"
}
]
}
},
{
"product_name": "cMT-CTRL01",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210302"
}
]
}
}
]
},
"vendor_name": "Weintek"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"name": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf",
"refsource": "CONFIRM",
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
]
},
"solution": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27444",
"datePublished": "2022-05-16T17:15:15.597Z",
"dateReserved": "2021-02-19T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:21:25.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27442 (GCVE-0-2021-27442)
Vulnerability from cvelistv5 – Published: 2022-05-16 17:13 – Updated: 2025-04-16 16:21
VLAI?
Title
Weintek EasyWeb cMT Cross-site Scripting
Summary
The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code.
Severity ?
9.4 (Critical)
CWE
- CWE-79 - Cross-site Scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Weintek | cMT-SVR-1xx/2xx |
Affected:
unspecified , < 20210305
(custom)
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
Marcin Dudek from CERT.PL reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:17.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-27442",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:55:04.749781Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:21:32.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cMT-SVR-1xx/2xx",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210305",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G01/G02",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210209",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-G03/G04",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210222",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210218",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-HDM",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-FHD",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210208",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "cMT-CTRL01",
"vendor": "Weintek",
"versions": [
{
"lessThan": "20210302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"datePublic": "2021-03-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Cross-site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T17:13:17.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"solutions": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Weintek EasyWeb cMT Cross-site Scripting",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-03-23T17:00:00.000Z",
"ID": "CVE-2021-27442",
"STATE": "PUBLIC",
"TITLE": "Weintek EasyWeb cMT Cross-site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cMT-SVR-1xx/2xx",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210305"
}
]
}
},
{
"product_name": "cMT-G01/G02",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210209"
}
]
}
},
{
"product_name": "cMT-G03/G04",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210222"
}
]
}
},
{
"product_name": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT-HDM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210204"
}
]
}
},
{
"product_name": "cMT-FHD",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210208"
}
]
}
},
{
"product_name": "cMT-CTRL01",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20210302"
}
]
}
}
]
},
"vendor_name": "Weintek"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Cross-site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01"
},
{
"name": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf",
"refsource": "CONFIRM",
"url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
]
},
"solution": [
{
"lang": "en",
"value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27442",
"datePublished": "2022-05-16T17:13:17.743Z",
"dateReserved": "2021-02-19T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:21:32.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}