Filtered by vendor Weintek
Subscriptions
Filtered by product Cmt-ctrl01
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-14751 | 1 Weintek | 3 Cmt-ctrl01, Cmt-svrx-820, Cmt3072xh | 2026-01-23 | N/A |
| A low-privileged user can bypass account credentials without confirming the user's current authentication state, which may lead to unauthorized privilege escalation. | ||||
| CVE-2025-14750 | 1 Weintek | 3 Cmt-ctrl01, Cmt-svrx-820, Cmt3072xh | 2026-01-23 | N/A |
| The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges. | ||||
| CVE-2021-27442 | 1 Weintek | 32 Cmt-ctrl01, Cmt-ctrl01 Firmware, Cmt-fhd and 29 more | 2025-04-16 | 9.4 Critical |
| The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code. | ||||
| CVE-2021-27444 | 1 Weintek | 32 Cmt-ctrl01, Cmt-ctrl01 Firmware, Cmt-fhd and 29 more | 2025-04-16 | 9.8 Critical |
| The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator. | ||||
| CVE-2021-27446 | 1 Weintek | 32 Cmt-ctrl01, Cmt-ctrl01 Firmware, Cmt-fhd and 29 more | 2025-04-16 | 10 Critical |
| The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system. | ||||
Page 1 of 1.