cbcvebase.
CVE-2023-5777
published 2023-11-06

CVE-2023-5777: Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the…

PriorityP350critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.54%
41.1th percentile
Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server.

Affected

5 ranges
VendorProductVersion rangeFixed in
weintekeasybuilder_pro< v6.07.02v6.07.02
weintekeasybuilder_pro< 6.07.026.07.02
weintekeasybuilder_pro<= 6.08.01.592
weintekeasybuilder_pro>= 6.08.01.190 < 6.08.01.6146.08.01.614
weintekeasybuilder_pro>= 6.08.02 < 6.08.02.5006.08.02.500
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.