CVE-2023-50466 Information

Description

An authenticated command injection vulnerability in Weintek cMT2078X easyweb Web Version v2.1.3 OS v20220215 allows attackers to execute arbitrary code or access sensitive information via injecting a crafted payload into the HMI Name parameter.

Reference

https://literate-bakery-10b.notion.site/Weintek-EasyWeb-cMT-Reports-3fc0b10798b54f51a61d719395c408da?pvs=4