Weintek Cmt-hdm Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Weintek Cmt-hdm Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-27446 — CVSS 10.0 (critical): The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with…
CVE-2021-27444 — CVSS 9.8 (critical): The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely…
CVE-2023-38584 — CVSS 9.8 (critical): In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous…
CVE-2023-43492 — CVSS 9.8 (critical): In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous…
CVE-2021-27442 — CVSS 9.4 (critical): The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to…
CVE-2023-40145 — CVSS 8.8 (high): In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.