High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-19	CVE-2023-40145	OS Command Injection vulnerability in Weintek products In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device. network low complexity weintek CWE-78	8.8
2022-05-16	CVE-2021-27444	Unspecified vulnerability in Weintek products The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator. network low complexity weintek	7.5