cbcvebase.
CVE-2021-27444
published 2022-05-16

CVE-2021-27444: The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download…

PriorityP351critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.05%
60.0th percentile
The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator.

Affected

23 ranges
VendorProductVersion rangeFixed in
weintekcmt-ctrl01>= unspecified < 2021030220210302
weintekcmt-ctrl01_firmware< 2021030220210302
weintekcmt-fhd>= unspecified < 2021020820210208
weintekcmt-fhd_firmware< 2021020820210208
weintekcmt-g01_firmware< 2021020920210209
weintekcmt-g01_g02>= unspecified < 2021020920210209
weintekcmt-g02_firmware< 2021020920210209
weintekcmt-g03_firmware< 2021022220210222
weintekcmt-g03_g04>= unspecified < 2021022220210222
weintekcmt-g04_firmware< 2021022220210222
weintekcmt-hdm>= unspecified < 2021020420210204
weintekcmt-hdm_firmware< 2021020420210204
weintekcmt-svr-100_firmware< 2021030520210305
weintekcmt-svr-102_firmware< 2021030520210305
weintekcmt-svr-1xx_2xx>= unspecified < 2021030520210305
weintekcmt-svr-200_firmware< 2021030520210305
weintekcmt-svr-202_firmware< 2021030520210305
weintekcmt3071_cmt3072_cmt3090_cmt3103_cmt3151>= unspecified < 2021021820210218
weintekcmt3071_firmware< 2021021820210218
weintekcmt3072_firmware< 2021021820210218
weintekcmt3090_firmware< 2021021820210218
weintekcmt3103_firmware< 2021021820210218
weintekcmt3151_firmware< 2021021820210218

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.