CVE-2021-27444

Summary

The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator.

Affected Software

VendorProductVersion RangeStatus
WeintekcMT-SVR-1xx/2xxunspecified < 20210305affected
WeintekcMT-G01/G02unspecified < 20210209affected
WeintekcMT-G03/G04unspecified < 20210222affected
WeintekcMT3071/cMT3072/cMT3090/cMT3103/cMT3151unspecified < 20210218affected
WeintekcMT-HDMunspecified < 20210204affected
WeintekcMT-FHDunspecified < 20210208affected
WeintekcMT-CTRL01unspecified < 20210302affected

Weaknesses

  • CWE-284: CWE-284: Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References