CVE-2024-55024
Authentication Bypass in Weintek cMT-3072XH2 Enables Admin Access
Publication date: 2026-03-03
Last updated on: 2026-03-04
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| weintek | easyweb | 2.1.53 |
| weintek | cmt-3072xh2_firmware | 20231011 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-693 | The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
Can you explain this vulnerability to me?
This vulnerability is an authentication bypass in the authorization mechanism of the Weintek cMT-3072XH2 easyweb version 2.1.53, OS version v20231011. It allows unauthorized attackers to perform administrative actions by exploiting service accounts.
How can this vulnerability impact me? :
The vulnerability can have a severe impact as it allows attackers to bypass authentication and gain administrative privileges. This can lead to unauthorized control over the affected system, potentially resulting in data compromise, system manipulation, or disruption of services.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know