cbcvebase.
CVE-2023-38584
published 2023-10-19

Priority: P2 (64)
Severity: critical, 9.8 (CVSS 3.1)
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.05% (60.0th percentile)
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.

Affected

14 ranges
Vendor    Product               Version range   Fixed in
weintek   cmt-fhd               <= 20210210
weintek   cmt-fhd_firmware      < 20210212      20210212
weintek   cmt-hdm               <= 20210204
weintek   cmt-hdm_firmware      < 20210206      20210206
weintek   cmt3071               <= 20210218
weintek   cmt3071_firmware      < 20210220      20210220
weintek   cmt3072               <= 20210218
weintek   cmt3072_firmware      < 20210220      20210220
weintek   cmt3090               <= 20210218
weintek   cmt3090_firmware      < 20210220      20210220
weintek   cmt3103               <= 20210218
weintek   cmt3103_firmware      < 20210220      20210220
weintek   cmt3151               <= 20210218
weintek   cmt3151_firmware      < 20210220      20210220

Detection & IOCs (extracted from sources)

Path: /cgi-bin/command_wb.cgi
  • Monitor for unauthenticated HTTP requests targeting /cgi-bin/command_wb.cgi on Weintek cMT3000 HMI devices, which may indicate exploitation of the stack-based buffer overflow to bypass login authentication.
  • Monitor for unauthenticated HTTP requests targeting /cgi-bin/codesys.cgi on Weintek cMT3000 HMI devices, which may indicate exploitation of a related stack-based buffer overflow (CVE-2023-43492).
  • The vulnerability is exploitable remotely with no authentication and low attack complexity (CVSS 9.8); prioritize detection of any external network access to these CGI endpoints.
  • No known public exploitation specifically targeting these vulnerabilities has been reported at time of advisory publication.
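The monitoring guidance above, turned into a small log check. This is an added example, not code from the advisory or from Weintek: it assumes Common Log Format access lines (from the HMI's web server or a reverse proxy in front of it), flags any request to the two CGI paths named here, and notes when the request carries no HTTP auth user or comes from a non-private source address. The log lines are constructed.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Endpoints named in this advisory (command_wb.cgi) and the related one (codesys.cgi).
WATCHED_PATHS = {"/cgi-bin/command_wb.cgi", "/cgi-bin/codesys.cgi"}

# Common Log Format: host ident authuser [date] "METHOD target proto" ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]*\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"'
)

def is_external(ip: str) -> bool:
    """True when the client address is not private, loopback or link-local."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return True  # unparsable source: treat as untrusted
    return not (addr.is_private or addr.is_loopback or addr.is_link_local)

def classify(line: str):
    """Return (path, reasons) if the request hits a watched CGI path, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = urlsplit(m["target"]).path  # drop any query string before comparing
    if path not in WATCHED_PATHS:
        return None
    reasons = []
    if m["user"] == "-":
        reasons.append("no HTTP auth user")
    if is_external(m["ip"]):
        reasons.append("external source " + m["ip"])
    return path, reasons

def scan(lines):
    """Return (line_no, path, reasons) for every hit; empty reasons = authenticated internal access."""
    return [(n, *hit) for n, line in enumerate(lines, 1) if (hit := classify(line))]

# Constructed sample log lines (not real traffic; source addresses are placeholders).
SAMPLE_LOG = [
    '10.0.0.5 - operator [19/Oct/2023:10:00:01 +0000] "GET /cgi-bin/command_wb.cgi HTTP/1.1" 200 512',
    '1.2.3.4 - - [19/Oct/2023:10:00:02 +0000] "POST /cgi-bin/command_wb.cgi HTTP/1.1" 500 0',
    '5.6.7.8 - - [19/Oct/2023:10:00:03 +0000] "GET /cgi-bin/codesys.cgi?x=1 HTTP/1.1" 200 64',
    '10.0.0.6 - - [19/Oct/2023:10:00:04 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for n, path, reasons in scan(SAMPLE_LOG):
        print(f"line {n}: {path}: {'; '.join(reasons) or 'authenticated internal access'}")
```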