CVE-2024-55020
Received Received - Intake
Command Injection in Weintek cMT-3072XH2 DHCP Allows Root Access

Publication date: 2026-03-03

Last updated on: 2026-03-04

Assigner: MITRE

Description
A command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attackers to execute arbitrary commands with root privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-03
Last Modified
2026-03-04
Generated
2026-06-16
AI Q&A
2026-03-03
EPSS Evaluated
2026-06-15
NVD
CVE-2024-55020
EUVD
EUVD-2024-55459
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
weintek easyweb 2.1.53
weintek cmt-3072xh2_firmware 20231011
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2024-55020 is a critical command injection vulnerability found in the DHCP activation feature of Weintek cMT-3072XH2 devices running easyweb Web Version v2.1.53 and OS version 20231011.

This vulnerability occurs due to improper input validation in the HMI name configuration field, allowing attackers to inject arbitrary system commands.

These injected commands are executed with root privileges, especially after the system reboots, enabling attackers to gain privileged command execution on the device.

Impact Analysis

This vulnerability allows attackers to execute arbitrary commands with root privileges on affected Weintek devices.

As a result, attackers can gain unauthorized access, take control over the device, and potentially manipulate or disrupt industrial processes controlled by these devices.

Such control could lead to operational disruptions, data compromise, or further network penetration.

Compliance Impact

I don't know

Detection Guidance

This vulnerability involves a command injection via the HMI name configuration field on Weintek cMT-3072XH2 devices running OS version 20231011 and easyweb V2.1.53.

To detect this vulnerability on your system, you can check the HMI name configuration for suspicious or unexpected command injection patterns.

Since the vulnerability executes commands with root privileges after reboot, monitoring for unusual system behavior or unexpected commands executed on reboot can also help detection.

Specific commands to detect the vulnerability are not provided in the available resources.

Mitigation Strategies

The available information does not provide explicit mitigation steps.

However, general best practices for command injection vulnerabilities include avoiding untrusted input in configuration fields, applying vendor patches or updates, and restricting device access.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2024-55020. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart