CVE-2021-27442
Weintek EasyWeb cMT Cross-site Scripting
Severity Score
6.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code.
La línea de productos Weintek cMT es vulnerable a una vulnerabilidad de tipo Cross-site scripting, que podría permitir a un atacante remoto no autenticado inyectar código JavaScript malicioso
*Credits:
Marcin Dudek from CERT.PL reported these vulnerabilities to CISA.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-02-19 CVE Reserved
- 2022-05-16 CVE Published
- 2024-09-17 CVE Updated
- 2025-01-29 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf | 2022-05-25 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Weintek Search vendor "Weintek" | Cmt-svr-100 Firmware Search vendor "Weintek" for product "Cmt-svr-100 Firmware" | < 20210305 Search vendor "Weintek" for product "Cmt-svr-100 Firmware" and version " < 20210305" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt-svr-100 Search vendor "Weintek" for product "Cmt-svr-100" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt-svr-102 Firmware Search vendor "Weintek" for product "Cmt-svr-102 Firmware" | < 20210305 Search vendor "Weintek" for product "Cmt-svr-102 Firmware" and version " < 20210305" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt-svr-102 Search vendor "Weintek" for product "Cmt-svr-102" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt-svr-200 Firmware Search vendor "Weintek" for product "Cmt-svr-200 Firmware" | < 20210305 Search vendor "Weintek" for product "Cmt-svr-200 Firmware" and version " < 20210305" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt-svr-200 Search vendor "Weintek" for product "Cmt-svr-200" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt-svr-202 Firmware Search vendor "Weintek" for product "Cmt-svr-202 Firmware" | < 20210305 Search vendor "Weintek" for product "Cmt-svr-202 Firmware" and version " < 20210305" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt-svr-202 Search vendor "Weintek" for product "Cmt-svr-202" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt-g01 Firmware Search vendor "Weintek" for product "Cmt-g01 Firmware" | < 20210209 Search vendor "Weintek" for product "Cmt-g01 Firmware" and version " < 20210209" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt-g01 Search vendor "Weintek" for product "Cmt-g01" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt-g02 Firmware Search vendor "Weintek" for product "Cmt-g02 Firmware" | < 20210209 Search vendor "Weintek" for product "Cmt-g02 Firmware" and version " < 20210209" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt-g02 Search vendor "Weintek" for product "Cmt-g02" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt-g03 Firmware Search vendor "Weintek" for product "Cmt-g03 Firmware" | < 20210222 Search vendor "Weintek" for product "Cmt-g03 Firmware" and version " < 20210222" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt-g03 Search vendor "Weintek" for product "Cmt-g03" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt-g04 Firmware Search vendor "Weintek" for product "Cmt-g04 Firmware" | < 20210222 Search vendor "Weintek" for product "Cmt-g04 Firmware" and version " < 20210222" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt-g04 Search vendor "Weintek" for product "Cmt-g04" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt3071 Firmware Search vendor "Weintek" for product "Cmt3071 Firmware" | < 20210218 Search vendor "Weintek" for product "Cmt3071 Firmware" and version " < 20210218" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt3071 Search vendor "Weintek" for product "Cmt3071" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt3072 Firmware Search vendor "Weintek" for product "Cmt3072 Firmware" | < 20210218 Search vendor "Weintek" for product "Cmt3072 Firmware" and version " < 20210218" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt3072 Search vendor "Weintek" for product "Cmt3072" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt3090 Firmware Search vendor "Weintek" for product "Cmt3090 Firmware" | < 20210218 Search vendor "Weintek" for product "Cmt3090 Firmware" and version " < 20210218" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt3090 Search vendor "Weintek" for product "Cmt3090" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt3103 Firmware Search vendor "Weintek" for product "Cmt3103 Firmware" | < 20210218 Search vendor "Weintek" for product "Cmt3103 Firmware" and version " < 20210218" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt3103 Search vendor "Weintek" for product "Cmt3103" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt3151 Firmware Search vendor "Weintek" for product "Cmt3151 Firmware" | < 20210218 Search vendor "Weintek" for product "Cmt3151 Firmware" and version " < 20210218" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt3151 Search vendor "Weintek" for product "Cmt3151" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt-hdm Firmware Search vendor "Weintek" for product "Cmt-hdm Firmware" | < 20210204 Search vendor "Weintek" for product "Cmt-hdm Firmware" and version " < 20210204" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt-hdm Search vendor "Weintek" for product "Cmt-hdm" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt-fhd Firmware Search vendor "Weintek" for product "Cmt-fhd Firmware" | < 20210208 Search vendor "Weintek" for product "Cmt-fhd Firmware" and version " < 20210208" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt-fhd Search vendor "Weintek" for product "Cmt-fhd" | - | - |
Safe
|
| Weintek Search vendor "Weintek" | Cmt-ctrl01 Firmware Search vendor "Weintek" for product "Cmt-ctrl01 Firmware" | < 20210302 Search vendor "Weintek" for product "Cmt-ctrl01 Firmware" and version " < 20210302" | - |
Affected
| in | Weintek Search vendor "Weintek" | Cmt-ctrl01 Search vendor "Weintek" for product "Cmt-ctrl01" | - | - |
Safe
|