Cyber Resilience

CVE-2024-55019

High

Published: 03 March 2026

Published
03 March 2026
Modified
04 March 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0004 14.3th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-55019 is a high-severity Improper Access Control (CWE-284) vulnerability in Weintek Easyweb. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 14.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2024-55019 is an incorrect access control vulnerability (CWE-284) in the download_wb.cgi component of Weintek cMT-3072XH2 easyweb Web Version v2.1.53 running OS v20231011. Published on 2026-03-03, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with low attack complexity and no privileges required.

Unauthenticated remote attackers can exploit this vulnerability over the network by accessing the affected component, enabling them to download arbitrary files from the device without authentication.

Advisories detailing potential mitigations or patches are available at the following references: https://gist.github.com/AenganZ/f86ed0da28825a1432ec697f484622de and https://plain-trick-71d.notion.site/weintek-cMT-3072XH2-14687a89c4c181eeb21ad61e0392f34b?pvs=4.

EU & UK References

Vulnerability details

Incorrect access control in the component download_wb.cgi of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows unauthenticated attack to download arbitrary files.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Why these techniques?

Direct unauthenticated remote file access via public web component enables exploitation of public-facing application (T1190) and arbitrary local file retrieval (T1005).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-55026Same product: Weintek Cmt-3072Xh2
CVE-2024-55024Same product: Weintek Cmt-3072Xh2
CVE-2024-55020Same product: Weintek Cmt-3072Xh2
CVE-2024-55022Same product: Weintek Cmt-3072Xh2
CVE-2024-55021Same product: Weintek Cmt-3072Xh2
CVE-2024-55027Same product: Weintek Cmt-3072Xh2
CVE-2024-13240Shared CWE-284
CVE-2026-35231Shared CWE-284
CVE-2026-39339Shared CWE-284
CVE-2026-28855Shared CWE-284

Affected Assets

weintek
easyweb
2.1.53
weintek
cmt-3072xh2 firmware
20231011

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

AC-3 enforces approved authorizations for access to system resources, directly mitigating the incorrect access control in download_wb.cgi that permits unauthenticated arbitrary file downloads.

prevent

AC-14 identifies and authorizes only explicitly permitted actions without authentication, preventing unauthorized file downloads through the unauthenticated CGI component.

prevent

AC-22 controls and protects publicly accessible content on web servers like easyweb, reducing exposure of arbitrary files to unauthenticated remote attackers.

References