Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Unauthorized access to Weintek easyweb v2.1.53 administrative features
CVE-2024-55024
Summary
An issue in Weintek's easyweb software allows attackers to access administrative features without a valid login. This can lead to unauthorized changes to the system. Update to the latest version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| weintek | easyweb | 2.1.53 | – |
| weintek | cmt-3072xh2_firmware | 20231011 | – |
Original title
An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform Administrative actions using serv...
Original description
An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform Administrative actions using service accounts.
nvd CVSS3.1
9.8
Vulnerability type
CWE-693
Protection Mechanism Failure
- https://gist.github.com/AenganZ/f86ed0da28825a1432ec697f484622de Third Party Advisory
- https://plain-trick-71d.notion.site/weintek-cMT-3072XH2-14687a89c4c181eeb21ad61e... Third Party Advisory
Published: 3 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026