Authenticated Command Injection Vulnerability in Weintek cMT2078X easyweb Web Version v2.1.3, OS v20220215

Authenticated Command Injection Vulnerability in Weintek cMT2078X easyweb Web Version v2.1.3, OS v20220215

CVE-2023-50466 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An authenticated command injection vulnerability in Weintek cMT2078X easyweb Web Version v2.1.3, OS v20220215 allows attackers to execute arbitrary code or access sensitive information via injecting a crafted payload into the HMI Name parameter.

Learn more about our Web App Pen Testing.