Vulnerabilities > Weintek > Cmt3071 Firmware > 20210218
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-19 | CVE-2023-38584 | Out-of-bounds Write vulnerability in Weintek products In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication. | 9.8 |
2023-10-19 | CVE-2023-40145 | OS Command Injection vulnerability in Weintek products In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device. | 8.8 |
2023-10-19 | CVE-2023-43492 | Out-of-bounds Write vulnerability in Weintek products In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication. | 9.8 |