CVE-2021-27442

Summary

The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code.

Affected Software

VendorProductVersion RangeStatus
WeintekcMT-SVR-1xx/2xxunspecified < 20210305affected
WeintekcMT-G01/G02unspecified < 20210209affected
WeintekcMT-G03/G04unspecified < 20210222affected
WeintekcMT3071/cMT3072/cMT3090/cMT3103/cMT3151unspecified < 20210218affected
WeintekcMT-HDMunspecified < 20210204affected
WeintekcMT-FHDunspecified < 20210208affected
WeintekcMT-CTRL01unspecified < 20210302affected

Weaknesses

  • CWE-79: CWE-79: Cross-site Scripting

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References