CVE-2023-34429

Name of the Vulnerable Software and Affected Versions Weintek Weincloud version 0.13.6

Description The issue is related to the incorrect handling of construction elements in the Weincloud cloud platform for managing industrial devices. An attacker could exploit this by sending a forged JWT token, potentially causing a denial-of-service condition for Weincloud. This could be achieved by remotely sending the forged token.

Recommendations For Weintek Weincloud version 0.13.6, consider disabling the handling of JWT tokens as a temporary workaround until a patch is available. Restrict access to the Weincloud platform to minimize the risk of exploitation. Avoid using the JWT token in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.