Skip to main content

Weincloud

4 CVEs product

Monthly

CVE-2023-37362 HIGH This Week

Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Weincloud
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-35134 MEDIUM This Month

Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Weincloud
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2023-34429 HIGH This Week

Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Weincloud
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-32657 HIGH This Week

Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Weincloud
NVD
CVSS 3.1
7.5
EPSS
0.4%
EPSS 1% CVSS 8.8
HIGH This Week

Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Weincloud
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Weincloud
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Weincloud
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Weincloud
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy