An authenticated command injection vulnerability in Weintek cMT2078X easyweb Web Version v2.1.3, OS v20220215 allows attackers to execute arbitrary code or access sensitive information via injecting a crafted payload into the HMI Name parameter.
References
Link | Resource |
---|---|
https://literate-bakery-10b.notion.site/Weintek-EasyWeb-cMT-Reports-3fc0b10798b54f51a61d719395c408da?pvs=4 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-12-19T00:00:00
Updated: 2023-12-19T20:33:18.884089
Reserved: 2023-12-11T00:00:00
Link: CVE-2023-50466
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-19T21:15:09.740
Modified: 2023-12-29T17:07:07.703
Link: CVE-2023-50466
JSON object: View
Redhat Information
No data.
CWE