CVE-2024-55027

High CVSS: 7.5

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uac_temp.db.

Vendor

Product

CWE

Yayın Tarihi

2026-03-03 20:16:41

Güncelleme

2026-03-04 18:48:16

Source Identifier

cve@mitre.org

KEV Date Added

CWE-312 Easyweb HIGH Weintek 2026

https://gist.github.com/AenganZ/f86ed0da28825a1432ec697f484622de https://plain-trick-71d.notion.site/weintek-cMT-3072XH2-14687a89c4c181eeb21ad61e0392f34b?pvs=4

High

CVE-2024-55021

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol.

High

CVE-2024-55022

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerabi…

Medium

CVE-2024-55023

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow…

Critical

CVE-2024-55024

An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v202310…

Medium

CVE-2024-55025

Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized a…

Critical

CVE-2024-55026

An issue in the reset_pj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers…