CVE-2024-55021
Published: 03 March 2026
Summary
CVE-2024-55021 is a high-severity Use of Hard-coded Credentials (CWE-798) vulnerability in Weintek Easyweb. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Valid Accounts (T1078); ranked at the 15.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and IA-5 (Authenticator Management).
Deeper analysis
CVE-2024-55021 is a vulnerability in Weintek cMT-3072XH2 devices running easyweb v2.1.53 and OS v20231011, involving a hardcoded password within the FTP protocol. This issue, published on 2026-03-03, is associated with CWE-798 (use of hard-coded credentials) and CWE-78 (improper neutralization of special elements used in an OS command), earning a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
The vulnerability is exploitable remotely over the network with low attack complexity, requiring no privileges, no user interaction, and no scope change. Successful exploitation has a high confidentiality impact: the hard-coded password grants unauthorized access to sensitive data on the device through its FTP service.
Advisories providing further details, including potential mitigation guidance, are available at https://gist.github.com/AenganZ/f86ed0da28825a1432ec697f484622de and https://plain-trick-71d.notion.site/weintek-cMT-3072XH2-14687a89c4c181eeb21ad61e0392f34b?pvs=4.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-55460
Vulnerability details
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol.
- CWE(s): CWE-798 (Use of Hard-coded Credentials), CWE-78 (Improper Neutralization of Special Elements used in an OS Command)
Related Threats
MITRE ATT&CK Enterprise Techniques
- Valid Accounts (T1078)
Why these techniques?
Hardcoded FTP credentials directly enable remote access to the device using valid accounts over an exposed external service (FTP), granting unauthorized data access.
Mitigating Controls (NIST 800-53 r5)
- IA-5 (Authenticator Management): directly addresses hard-coded credentials by requiring organizations to manage, protect, and change default authenticators used by services such as FTP.
- CM-7 (Least Functionality): prohibits or restricts unnecessary functions such as the FTP service, eliminating exposure of the hard-coded password.
- SC-7 (Boundary Protection): monitors and controls communications at system boundaries so that network access to the FTP port can be blocked, preventing remote exploitation.