CVE-2024-55019 in cMT-3072XH2 easyWeb
Summary
by MITRE • 03/03/2026
Incorrect access control in the component download_wb.cgi of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows unauthenticated attack to download arbitrary files.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 03/04/2026
The vulnerability identified as CVE-2024-55019 represents a critical access control flaw within the Weintek cMT-3072XH2 easyweb web interface version 2.1.53 running on operating system version 20231011. This issue affects the download_wb.cgi component which is responsible for handling file download requests within the web-based management interface. The vulnerability stems from insufficient authentication checks and authorization controls that allow any remote attacker to bypass normal access restrictions and retrieve arbitrary files from the system. This misconfiguration creates a pathway for unauthorized information disclosure and potential system compromise through the retrieval of sensitive configuration files, system logs, or other critical data that should remain protected.
The technical nature of this vulnerability aligns with CWE-285, which addresses improper authorization within software systems. The flaw manifests as a lack of proper input validation and access control mechanisms in the download_wb.cgi script, which fails to verify whether the requesting entity has legitimate authorization to access the requested resources. Attackers can exploit this by directly accessing the vulnerable endpoint with crafted requests that specify the target file paths, bypassing the normal authentication flow that should validate user credentials and privileges. This type of vulnerability typically occurs when developers assume that certain system components are only accessible through authenticated sessions without implementing proper validation checks for each request.
The operational impact of this vulnerability extends beyond simple information disclosure to potentially enable more sophisticated attacks within industrial control systems environments. An attacker who successfully exploits this vulnerability could access configuration files that might contain sensitive system information, credentials, or operational parameters that could be used to plan further attacks or understand the system's operational structure. The implications are particularly concerning in industrial automation contexts where such systems often control critical infrastructure operations. This vulnerability could enable an attacker to gather intelligence about the system's configuration, potentially leading to privilege escalation or other advanced attack vectors that could disrupt industrial processes or compromise system integrity.
Organizations utilizing Weintek cMT-3072XH2 equipment should implement immediate mitigations to address this vulnerability. The primary remediation involves applying the vendor-provided security patches or updates that address the access control flaw in the download_wb.cgi component. Until patches are available, network segmentation should be implemented to isolate the affected system from untrusted networks and limit access to the web interface to authorized personnel only. Additionally, implementing network monitoring solutions that can detect unusual file download patterns or access attempts to the vulnerable endpoint can provide early warning of potential exploitation attempts. Security teams should also review and audit existing access controls to ensure that proper authentication mechanisms are in place for all web-based management interfaces. The vulnerability also highlights the importance of following secure coding practices as outlined in the OWASP Top Ten and NIST cybersecurity frameworks, particularly focusing on proper input validation, authentication, and authorization controls to prevent similar issues from occurring in other system components.