Unrated severityNVD Advisory· Published Oct 19, 2023· Updated Jan 16, 2025

Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow

CVE-2023-38584

Description

In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.

Affected products

Weintek/Cmt3071v5
Range: 0
Weintek/Cmt3103v5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdfmitre
www.cisa.gov/news-events/ics-advisories/icsa-23-285-12mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000