CVE-2021-27446

Summary

The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system.

Affected Software

VendorProductVersion RangeStatus
WeintekcMT-SVR-1xx/2xxunspecified < 20210305affected
WeintekcMT-G01/G02unspecified < 20210209affected
WeintekcMT-G03/G04unspecified < 20210222affected
WeintekcMT3071/cMT3072/cMT3090/cMT3103/cMT3151unspecified < 20210218affected
WeintekcMT-HDMunspecified < 20210204affected
WeintekcMT-FHDunspecified < 20210208affected
WeintekcMT-CTRL01unspecified < 20210302affected

Weaknesses

  • CWE-94: CWE-94: Code Injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References