CVE-2024-55026
Published: 03 March 2026
Summary
CVE-2024-55026 is a critical-severity Plaintext Storage of a Password (CWE-256) vulnerability in Weintek Easyweb. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 26.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SC-7 (Boundary Protection).
Deeper analysis
CVE-2024-55026 affects the reset_pj.cgi endpoint in Weintek cMT-3072XH2 easyweb version 2.1.53 running on OS version v20231011. The vulnerability enables unauthorized attackers to execute arbitrary commands by supplying a crafted GET request. It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and is classified under CWE-256.
The attack scenario involves remote, unauthenticated attackers who require no privileges, low complexity, and no user interaction to exploit the issue over the network. Successful exploitation allows attackers to execute arbitrary commands on the device, resulting in high impacts to confidentiality, integrity, and availability.
Advisories and references for CVE-2024-55026, published on 2026-03-03, are available at https://gist.github.com/AenganZ/f86ed0da28825a1432ec697f484622de and https://plain-trick-71d.notion.site/weintek-cMT-3072XH2-14687a89c4c181eeb21ad61e0392f34b?pvs=4.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-55465
Vulnerability details
An issue in the reset_pj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote unauthenticated arbitrary command execution via public-facing CGI endpoint directly enables exploitation of public-facing applications.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Enforces approved authorizations to block unauthorized access to the reset_pj.cgi endpoint, preventing unauthenticated remote command execution.
Validates inputs to the reset_pj.cgi endpoint to reject crafted GET requests that enable arbitrary command execution.
Monitors and controls network communications at system boundaries to restrict remote unauthenticated access to the vulnerable easyweb server.