Skip to main content

Cmt3072 Firmware

3 CVEs product

Monthly

CVE-2023-43492 CRITICAL POC Act Now

In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Cmt Fhd Firmware Cmt Hdm Firmware Cmt3071 Firmware +4
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-40145 HIGH This Week

In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cmt Fhd Firmware Cmt Hdm Firmware Cmt3071 Firmware Cmt3072 Firmware +3
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-38584 CRITICAL Act Now

In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Cmt Fhd Firmware Cmt Hdm Firmware Cmt3071 Firmware +4
NVD
CVSS 3.1
9.8
EPSS
1.1%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Cmt Fhd Firmware +6
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cmt Fhd Firmware Cmt Hdm Firmware +5
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Cmt Fhd Firmware +6
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy