CVE-2023-40145 Information

Description

In Weintek’s cMT3000 HMI Web CGI device an anonymous attacker can execute arbitrary commands after login to the device.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12 https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf