VYPR

cMT3000

by Weintek

CVEs (3)

  • CVE-2023-43492CriOct 19, 2023
    risk 0.64cvss 9.8epss 0.01

    In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.

  • CVE-2023-38584CriOct 19, 2023
    risk 0.64cvss 9.8epss 0.01

    In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.

  • CVE-2023-40145HigOct 19, 2023
    risk 0.57cvss 8.8epss 0.01

    In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.