Multiple vulnerabilities in Weintek Weincloud
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2023-35134 CVE-2023-37362 CVE-2023-32657 CVE-2023-34429 |
| CWE-ID | CWE-640 CWE-287 CWE-307 CWE-237 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Weincloud Account API Server applications / Other server solutions |
| Vendor | Weintek |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Weak Password Recovery Mechanism for Forgotten Password
EUVDB-ID: #VU78353
Risk: Medium
CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-35134
CWE-ID:
CWE-640 - Weak password recovery mechanism
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a weak password recovery mechanism for forgotten password. A remote attacker can reset a password with the corresponding account’s JWT token only.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWeincloud Account API: - - 0.13.6
CPE2.3- cpe:2.3:a:weintek:weincloud_account_api:*:*:*:*:*:*:*:*
- cpe:2.3:a:weintek:weincloud_account_api:0.13.6:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper Authentication
EUVDB-ID: #VU78354
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-37362
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass authentication process.
The vulnerability exists due to an error in when processing authentication requests. A remote administrator can abuse the registration functionality to login with testing credentials to the official website.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWeincloud Account API: - - 0.13.6
CPE2.3- cpe:2.3:a:weintek:weincloud_account_api:*:*:*:*:*:*:*:*
- cpe:2.3:a:weintek:weincloud_account_api:0.13.6:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper Restriction of Excessive Authentication Attempts
EUVDB-ID: #VU78355
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-32657
CWE-ID:
CWE-307 - Improper Restriction of Excessive Authentication Attempts
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the number of login attempts is not limited. A remote attacker can perform a brute-force attack on credentials with authentication hints from error message responses.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWeincloud Account API: - - 0.13.6
CPE2.3- cpe:2.3:a:weintek:weincloud_account_api:*:*:*:*:*:*:*:*
- cpe:2.3:a:weintek:weincloud_account_api:0.13.6:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper Handling of Structural Elements
EUVDB-ID: #VU78356
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-34429
CWE-ID:
CWE-237 - Improper Handling of Structural Elements
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper handling of structural elements. A remote attacker can send a forged JWT token and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWeincloud Account API: - - 0.13.6
CPE2.3- cpe:2.3:a:weintek:weincloud_account_api:*:*:*:*:*:*:*:*
- cpe:2.3:a:weintek:weincloud_account_api:0.13.6:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
