← volver
CVE-2023-40145

Weintek cMT3000 HMI Web CGI OS Command Injection

CVSS 8.8 HIGHEPSS 1.2%CWE-78
In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Weintek · cMT3071Weintek · cMT3072Weintek · cMT3090Weintek · cMT3103Weintek · cMT3151Weintek · cMT-FHDWeintek · cMT-HDM

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdfhttps://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12