CVE-2024-55024

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Weintek cMT-3072XH2 easyweb version 2.1.53, OS version 20231011

Description An authentication bypass exists in the authorization mechanism of the software. This allows unauthorized attackers to perform administrative actions using service accounts.

Recommendations Update to a newer version that contains a fix for this vulnerability.

Fix

Protection Mechanism Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-693

Related Identifiers

CVE-2024-55024

Affected Products

Cmt-3072Xh2

Easyweb

CVE-2024-55024

Weakness Enumeration

Related Identifiers

Affected Products

References · 8