Weintek cMT-G04

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:h:weintek:cmt-g04:-:*:*:*:*:*:*:*

part: h version: - update: *

VendorWeintek (b4691633-4eb4-52d5-bc64-ee82eca3c353)
ProductCmt G04 (0b57a075-b5ee-56f2-b208-8fd72ad5bfc9)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2021-27446 not_vulnerable 2026-06-03 14:44:15.954768 Weintek EasyWeb cMT Code Injection
CRITICAL (10)
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system.
Published: 2022-05-16T17:15:44.847Z
Updated: 2025-04-16T16:21:16.549Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-27444 not_vulnerable 2026-06-03 14:44:15.945514 Weintek EasyWeb cMT Improper Access Control
CRITICAL (9.8)
The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator.
Published: 2022-05-16T17:15:15.597Z
Updated: 2025-04-16T16:21:25.289Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-27442 not_vulnerable 2026-06-03 14:44:15.929997 Weintek EasyWeb cMT Cross-site Scripting
CRITICAL (9.4)
The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code.
Published: 2022-05-16T17:13:17.743Z
Updated: 2025-04-16T16:21:32.645Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.