View CSAF
1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Weintek
- Equipment: cMT3000 CMI Web CGI
- Vulnerabilities: Stack-based Buffer Overflow, OS Command Injection
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to hijack control flow and bypass login authentication or execute arbitrary commands.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Weintek products are affected:
- cMT-FHD: OS version 20210210 or prior.
- cMT-HDM: OS version 20210204 or prior.
- cMT3071: OS version 20210218 or prior.
- cMT3072: OS v
[…]
This article has been indexed from All CISA Advisories