CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-50466

An authenticated command injection vulnerability in Weintek cMT2078X easyweb Web Version v2.1.3, OS v20220215 allows attackers to execute arbitrary code or access sensitive information via injecting a crafted payload into the HMI Name parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.9%

CVSS Severity

CVSS v3 Score 8.8

References

https://literate-bakery-10b.notion.site/Weintek-EasyWeb-cMT-Reports-3fc0b10798b54f51a61d719395c408da?pvs=4
https://literate-bakery-10b.notion.site/Weintek-EasyWeb-cMT-Reports-3fc0b10798b54f51a61d719395c408da?pvs=4

Products affected by CVE-2023-50466

Weintek » Cmt2078x » Version: N/A

cpe:2.3:h:weintek:cmt2078x:-
Weintek » Cmt2078x Firmware » Version: 2.1.3

cpe:2.3:o:weintek:cmt2078x_firmware:2.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-50466

Products

Pricing

Contact Us