← volver
CVE-2023-38584

Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow

CVSS 9.8 CRITICALEPSS 1.1%CWE-121
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Weintek · cMT3071Weintek · cMT3072Weintek · cMT3090Weintek · cMT3103Weintek · cMT3151Weintek · cMT-FHDWeintek · cMT-HDM

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdfhttps://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12