{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T01:19:43.338","vulnerabilities":[{"cve":{"id":"CVE-2023-43492","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2023-10-19T20:15:09.230","lastModified":"2024-11-21T08:24:08.970","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\n\n\n\n\n\n\n\n\nIn Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\n\n\n\n"},{"lang":"es","value":"En el dispositivo cMT3000 HMI Web CGI de Weintek, el cgi-bin codesys.cgi contiene un desbordamiento de búfer basado en pila, que podría permitir a un atacante anónimo secuestrar el flujo de control y evitar la autenticación de inicio de sesión."}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:weintek:cmt-fhd_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"20210212","matchCriteriaId":"33538560-F796-4D1D-AA52-63DB5FD817BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:weintek:cmt-fhd:-:*:*:*:*:*:*:*","matchCriteriaId":"A132B170-A1FC-4D38-9965-0FF47B944FD5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:weintek:cmt-hdm_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"20210206","matchCriteriaId":"52502356-D835-4468-BCA6-875177B562F8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:weintek:cmt-hdm:-:*:*:*:*:*:*:*","matchCriteriaId":"E08E3518-A03F-486D-B67A-013F67026D78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:weintek:cmt3071_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"20210220","matchCriteriaId":"210A03BC-C9BB-4832-BDB2-2EB5E87FD13A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:weintek:cmt3071:-:*:*:*:*:*:*:*","matchCriteriaId":"A4DE53C8-09D5-4D5E-97EE-A89E1478CD65"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:weintek:cmt3072_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"20210220","matchCriteriaId":"17422509-5131-48A3-8C9A-ECA4332C33F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:weintek:cmt3072:-:*:*:*:*:*:*:*","matchCriteriaId":"E3F83A8D-1489-48AA-911B-5BA561A57896"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:weintek:cmt3090_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"20210220","matchCriteriaId":"3E5B9225-364C-46BD-BCB4-E151923855CC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:weintek:cmt3090:-:*:*:*:*:*:*:*","matchCriteriaId":"79C1F694-08A2-46E7-95C2-8DFA3D64423B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:weintek:cmt3103_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"20210220","matchCriteriaId":"3651EA3F-5C3F-4893-AF82-E7FDBBAF5EAA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:weintek:cmt3103:-:*:*:*:*:*:*:*","matchCriteriaId":"F607716E-7B7B-4620-819C-F44341B8C37F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:weintek:cmt3151_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"20210220","matchCriteriaId":"82F72B48-B2CE-4580-B4CC-49879CA6074B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:weintek:cmt3151:-:*:*:*:*:*:*:*","matchCriteriaId":"9FF5326B-5E33-4C11-9AC6-A90357078FCA"}]}]}],"references":[{"url":"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf","source":"ics-cert@hq.dhs.gov","tags":["Exploit","Vendor Advisory"]},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"]},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}