Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hdm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-38584
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous malicious user to hijack control flow and bypass login authentication.
Weintek Cmt-fhd Firmware
Weintek Cmt-hdm Firmware
Weintek Cmt3071 Firmware
Weintek Cmt3072 Firmware
Weintek Cmt3090 Firmware
Weintek Cmt3103 Firmware
Weintek Cmt3151 Firmware
9.8
CVSSv3
CVE-2023-43492
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous malicious user to hijack control flow and bypass login authentication.
Weintek Cmt-fhd Firmware
Weintek Cmt-hdm Firmware
Weintek Cmt3071 Firmware
Weintek Cmt3072 Firmware
Weintek Cmt3090 Firmware
Weintek Cmt3103 Firmware
Weintek Cmt3151 Firmware
8.8
CVSSv3
CVE-2023-40145
In Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.
Weintek Cmt-fhd Firmware
Weintek Cmt-hdm Firmware
Weintek Cmt3071 Firmware
Weintek Cmt3072 Firmware
Weintek Cmt3090 Firmware
Weintek Cmt3103 Firmware
Weintek Cmt3151 Firmware
6.1
CVSSv3
CVE-2021-27442
The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote malicious user to inject malicious JavaScript code.
Weintek Cmt-svr-100 Firmware
Weintek Cmt-svr-102 Firmware
Weintek Cmt-svr-200 Firmware
Weintek Cmt-svr-202 Firmware
Weintek Cmt-g01 Firmware
Weintek Cmt-g02 Firmware
Weintek Cmt-g03 Firmware
Weintek Cmt-g04 Firmware
Weintek Cmt3071 Firmware
Weintek Cmt3072 Firmware
Weintek Cmt3090 Firmware
Weintek Cmt3103 Firmware
Weintek Cmt3151 Firmware
Weintek Cmt-hdm Firmware
Weintek Cmt-fhd Firmware
Weintek Cmt-ctrl01 Firmware
9.8
CVSSv3
CVE-2021-27444
The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated malicious user to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator.
Weintek Cmt-svr-100 Firmware
Weintek Cmt-svr-102 Firmware
Weintek Cmt-svr-200 Firmware
Weintek Cmt-svr-202 Firmware
Weintek Cmt-g01 Firmware
Weintek Cmt-g02 Firmware
Weintek Cmt-g03 Firmware
Weintek Cmt-g04 Firmware
Weintek Cmt3071 Firmware
Weintek Cmt3072 Firmware
Weintek Cmt3090 Firmware
Weintek Cmt3103 Firmware
Weintek Cmt3151 Firmware
Weintek Cmt-hdm Firmware
Weintek Cmt-fhd Firmware
Weintek Cmt-ctrl01 Firmware
9.8
CVSSv3
CVE-2021-27446
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote malicious user to execute commands with root privileges on the operation system.
Weintek Cmt-svr-100 Firmware
Weintek Cmt-svr-102 Firmware
Weintek Cmt-svr-200 Firmware
Weintek Cmt-svr-202 Firmware
Weintek Cmt-g01 Firmware
Weintek Cmt-g02 Firmware
Weintek Cmt-g03 Firmware
Weintek Cmt-g04 Firmware
Weintek Cmt3071 Firmware
Weintek Cmt3072 Firmware
Weintek Cmt3090 Firmware
Weintek Cmt3103 Firmware
Weintek Cmt3151 Firmware
Weintek Cmt-hdm Firmware
Weintek Cmt-fhd Firmware
Weintek Cmt-ctrl01 Firmware
NA
CVE-2024-26761
In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address (HPA) the HDM decoder register...
5.4
CVSSv3
CVE-2015-8687
Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Alcatel-Lucent Motive Home Device Manager (HDM) prior to 4.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) deviceTypeID parameter to DeviceType/getDeviceType.do; the...
Alcatel-lucent Motive Home Device Manager
NA
CVE-2022-48707
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currentl...
NA
CVE-2006-7066
Microsoft Internet Explorer 6 on Windows XP SP2 allows remote malicious users to cause a denial of service (crash) by creating an object inside an iframe, deleting the frame by setting its location.href to about:blank, then accessing a property of the object within the deleted fr...
Microsoft Internet Explorer 6.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »