Vulnerabilities in Weintek
14 resultsCVE-2023-0104CRITICAL
The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This mayEPSS 21.8%CVE-2021-27446CRITICALWeintek EasyWeb cMT Code InjectionEPSS 2.6%CVE-2023-40145HIGHWeintek cMT3000 HMI Web CGI OS Command InjectionEPSS 1.2%CVE-2023-38584CRITICALWeintek cMT3000 HMI Web CGI Stack-based Buffer OverflowEPSS 1.1%CVE-2021-27444CRITICALWeintek EasyWeb cMT Improper Access ControlEPSS 1.1%CVE-2023-43492CRITICALWeintek cMT3000 HMI Web CGI Stack-based Buffer OverflowEPSS 0.9%CVE-2021-27442CRITICALWeintek EasyWeb cMT Cross-site ScriptingEPSS 0.8%CVE-2023-5777CRITICALWeintek EasyBuilder Pro Use of Hard-coded CredentialsEPSS 0.5%CVE-2023-34429HIGHWeintek Weincloud Improper Handling of Structural ElementsEPSS 0.5%CVE-2023-37362HIGHWeintek Weincloud Improper AuthenticationEPSS 0.5%CVE-2023-32657MEDIUMWeintek Weincloud Improper Restriction of Excessive Authentication AttemptsEPSS 0.4%CVE-2023-35134HIGHWeintek Weincloud Weak Password Recovery Mechanism for Forgotten PasswordEPSS 0.4%CVE-2025-14751HIGHUnverified Password Change in Weintek cMT X Series HMI EasyWeb ServiceEPSS 0.4%CVE-2025-14750HIGHExternal Control of Assumed-Immutable Web Parameter in Weintek cMT X Series HMI EasyWeb ServiceEPSS 0.3%