Approved changes feed: RSS · Atom
cpe:2.3:a:weintek:weincloud:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Weintek (b4691633-4eb4-52d5-bc64-ee82eca3c353) |
|---|---|
| Product | Weincloud (a27477f6-b686-51db-9df0-0a508c52e600) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-37362 |
vulnerable | 2026-06-03 14:52:28.767742 |
Weintek Weincloud Improper Authentication
HIGH (7.2)
Weintek Weincloud v0.13.6
could allow an attacker to abuse the registration functionality to login with testing credentials to the official website.
Published: 2023-07-19T21:50:42.036Z
Updated: 2025-03-06T15:04:53.644Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-35134 |
vulnerable | 2026-06-03 14:52:17.818165 |
Weintek Weincloud Weak Password Recovery Mechanism for Forgotten Password
HIGH (7.4)
Weintek Weincloud v0.13.6
could allow an attacker to reset a password with the corresponding account’s JWT token only.
Published: 2023-07-19T21:43:20.562Z
Updated: 2024-10-28T14:30:07.804Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-34429 |
vulnerable | 2026-06-03 14:52:16.750735 |
Weintek Weincloud Improper Handling of Structural Elements
HIGH (7.5)
Weintek Weincloud v0.13.6
could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token.
Published: 2023-07-19T21:45:39.544Z
Updated: 2024-10-28T14:29:40.049Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-32657 |
vulnerable | 2026-06-03 14:51:59.484115 |
Weintek Weincloud Improper Restriction of Excessive Authentication Attempts
MEDIUM (5.3)
Weintek Weincloud v0.13.6
could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses.
Published: 2023-07-19T21:47:37.160Z
Updated: 2024-10-28T14:20:52.959Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.