CVE-2021-27446
published 2022-05-16


Priority: P269
CVSS 3.1: 9.8 critical (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS: 2.64% (83.7th percentile)
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system.

Affected (23 ranges)

Firmware versions are date-stamped builds (YYYYMMDD); a device is fixed when its build is at or after the "Fixed in" build for its product.

Vendor   | Product                                        | Version range              | Fixed in
weintek  | cmt-ctrl01                                     | >= unspecified < 20210302  | 20210302
weintek  | cmt-ctrl01_firmware                            | < 20210302                 | 20210302
weintek  | cmt-fhd                                        | >= unspecified < 20210208  | 20210208
weintek  | cmt-fhd_firmware                               | < 20210208                 | 20210208
weintek  | cmt-g01_firmware                               | < 20210209                 | 20210209
weintek  | cmt-g01_g02                                    | >= unspecified < 20210209  | 20210209
weintek  | cmt-g02_firmware                               | < 20210209                 | 20210209
weintek  | cmt-g03_firmware                               | < 20210222                 | 20210222
weintek  | cmt-g03_g04                                    | >= unspecified < 20210222  | 20210222
weintek  | cmt-g04_firmware                               | < 20210222                 | 20210222
weintek  | cmt-hdm                                        | >= unspecified < 20210204  | 20210204
weintek  | cmt-hdm_firmware                               | < 20210204                 | 20210204
weintek  | cmt-svr-100_firmware                           | < 20210305                 | 20210305
weintek  | cmt-svr-102_firmware                           | < 20210305                 | 20210305
weintek  | cmt-svr-1xx_2xx                                | >= unspecified < 20210305  | 20210305
weintek  | cmt-svr-200_firmware                           | < 20210305                 | 20210305
weintek  | cmt-svr-202_firmware                           | < 20210305                 | 20210305
weintek  | cmt3071_cmt3072_cmt3090_cmt3103_cmt3151        | >= unspecified < 20210218  | 20210218
weintek  | cmt3071_firmware                               | < 20210218                 | 20210218
weintek  | cmt3072_firmware                               | < 20210218                 | 20210218
weintek  | cmt3090_firmware                               | < 20210218                 | 20210218
weintek  | cmt3103_firmware                               | < 20210218                 | 20210218
weintek  | cmt3151_firmware                               | < 20210218                 | 20210218
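The fix data above is only useful once it is compared against what is actually deployed. The following is an added example (not code from cvebase or Weintek) that checks a device inventory against the per-product fix builds listed in the Affected table. The inventory rows are constructed for illustration; the product names, hostnames and builds in them are assumptions, not observed data. It treats firmware builds as YYYYMMDD dates, as the table does, and flags anything it cannot classify so that a malformed version string never silently passes as "fixed".

```python
# Added example: triage a cMT device inventory against the CVE-2021-27446 fix builds.
# Not part of the original page or of any Weintek tooling.
from datetime import datetime

# Fix builds per firmware product, copied from the Affected table on this page.
FIXED_BUILD = {
    "cmt-ctrl01": "20210302",
    "cmt-fhd": "20210208",
    "cmt-g01": "20210209",
    "cmt-g02": "20210209",
    "cmt-g03": "20210222",
    "cmt-g04": "20210222",
    "cmt-hdm": "20210204",
    "cmt-svr-100": "20210305",
    "cmt-svr-102": "20210305",
    "cmt-svr-200": "20210305",
    "cmt-svr-202": "20210305",
    "cmt3071": "20210218",
    "cmt3072": "20210218",
    "cmt3090": "20210218",
    "cmt3103": "20210218",
    "cmt3151": "20210218",
}

# Constructed sample inventory (hostnames, products and builds are made up).
INVENTORY = [
    {"host": "hmi-line1", "product": "cMT3090", "build": "20200915"},
    {"host": "hmi-line2", "product": "cMT-G01", "build": "20210209"},
    {"host": "gw-pump", "product": "cMT-CTRL01", "build": "20210301"},
    {"host": "hmi-pack", "product": "cMT3103", "build": "v2.1"},
    {"host": "srv-hist", "product": "cMT-SVR-100", "build": "20210305"},
]

# Lower rank sorts first in the triage output; "fixed" rows are dropped.
_RANK = {"vulnerable": 0, "unparseable-build": 1, "unknown-product": 1}


def _parse_build(build):
    """Return a date for a YYYYMMDD build string, or None if it is not one."""
    try:
        return datetime.strptime(build.strip(), "%Y%m%d").date()
    except ValueError:
        return None


def assess(product, build):
    """Classify one device as vulnerable, fixed, unknown-product or unparseable-build."""
    key = product.strip().lower()
    if key not in FIXED_BUILD:
        return "unknown-product"          # not in the table; verify manually
    installed = _parse_build(build)
    if installed is None:
        return "unparseable-build"        # never assume a bad string is patched
    fixed = _parse_build(FIXED_BUILD[key])
    return "fixed" if installed >= fixed else "vulnerable"


def triage(inventory):
    """Return (status, host, product, build) for every row needing action, worst first."""
    rows = []
    for dev in inventory:
        status = assess(dev["product"], dev["build"])
        if status != "fixed":
            rows.append((status, dev["host"], dev["product"], dev["build"]))
    return sorted(rows, key=lambda r: (_RANK[r[0]], r[1]))


if __name__ == "__main__":
    for status, host, product, build in triage(INVENTORY):
        print(f"{status:18} {host:12} {product:12} build={build}")
```

Because the "Fixed in" value is a date, a simple `>=` on parsed dates is the whole version comparison; the two non-"fixed" states that are not "vulnerable" exist so that inventory gaps become visible work items rather than false negatives.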

Detection & IOCs (extracted from sources)

  • CVE-2021-27446 is a code injection vulnerability in the Weintek cMT product line that lets an unauthenticated remote attacker execute commands as root on the device's operating system. The advisory scores it CVSS v3 10.0 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H); NVD scores the same flaw 9.8 with scope unchanged (see CVSS provenance below).
  • Exploitation requires no authentication, no user interaction, and low skill; prioritize detection of anomalous remote access to cMT devices, and restrict which hosts can reach them at all.
  • No public exploit was known at the time of advisory publication (March 23, 2021); EPSS currently puts the probability of exploitation at 2.64%, so monitor threat intel feeds for emerging PoC activity.
  • CVE-2021-27446 (code injection) co-exists with CVE-2021-27444 (improper access control, CVSS 9.8) and CVE-2021-27442 (XSS, CVSS 9.4) on the same product line; remediate all three together, using the fixed firmware builds listed under Affected for this CVE.

CVSS provenance

NVD v3.1: 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD v2.0: 10.0 CRITICAL, AV:N/AC:L/Au:N/C:C/I:C/A:C