Easyweb
This hub aggregates every CVE we track for Easyweb, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
3
Critical
2
High
0
In CISA KEV
Severity distribution
CRITICAL3HIGH2MEDIUM1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
6
0
0
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Easyweb.
- CVE-2024-55026An issue in the reset_pj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request.9.8
- CVE-2024-55019Incorrect access control in the component download_wb.cgi of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows unauthenticated attack to download arbitrary files.7.5
- CVE-2024-55027Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uac_temp.db.7.5
- CVE-2024-55025Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system.6.5
- CVE-2024-55020A command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attackers to execute arbitrary commands with root privileges.9.8
- CVE-2024-55024An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform Administrative actions using serv...9.8
Product normalization is registry-driven with AI assist and human review. How it works