In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HWeintek Cmt3071
HWWeintekwszystkie wersjeWeintek Cmt3071 Firmware
OSWeintek< 20210220Weintek Cmt3072
HWWeintekwszystkie wersjeWeintek Cmt3072 Firmware
OSWeintek< 20210220Weintek Cmt3090
HWWeintekwszystkie wersjeWeintek Cmt3090 Firmware
OSWeintek< 20210220Weintek Cmt3103
HWWeintekwszystkie wersjeWeintek Cmt3103 Firmware
OSWeintek< 20210220Weintek Cmt3151
HWWeintekwszystkie wersjeWeintek Cmt3151 Firmware
OSWeintek< 20210220Weintek Cmt Fhd
HWWeintekwszystkie wersjeWeintek Cmt Fhd Firmware
OSWeintek< 20210212Weintek Cmt Hdm
HWWeintekwszystkie wersjeWeintek Cmt Hdm Firmware
OSWeintek< 20210206
Related vulnerabilities
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overfl...
The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unaut...
The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthentic...
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attack...
In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after l...