CVE-2023-5777— Weintek EasyBuilder Pro Use of Hard-coded Credentials
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-5777
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Weintek EasyBuilder Pro Use of Hard-coded Credentials
Source: NVD (National Vulnerability Database)
Vulnerability Description
Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Vulnerability Title
Weintek EasyBuilder Pro 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Weintek EasyBuilder Pro是Weintek公司的提供充足的高质量图形库,适用于包装机械、加工厂、水处理厂等不同的工业应用,大大缩短您的项目显示设计时间的平台。 Weintek EasyBuilder Pro存在安全漏洞,该漏洞源于即使在崩溃报告传输完成后立即删除私钥,私钥也会暴露给公众,这可能导致获得对上传崩溃报告服务器的远程控制。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Weintek | EasyBuilder Pro | 0 ~ v6.07.02 | - |
II. Public POCs for CVE-2023-5777
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-5777
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: Weintek
- CVE-2025-14751
Unverified Password Change in Weintek cMT X Series HMI EasyW - CVE-2025-14750
External Control of Assumed-Immutable Web Parameter in Weint - CVE-2023-43492
Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow - CVE-2023-40145
Weintek cMT3000 HMI Web CGI OS Command Injection - CVE-2023-38584
Weintek cMT3000 HMI Web CGI Stack-based Buffer Overflow
Same weakness: CWE-798
- CVE-2026-7414
Hardcoded credentials in Yarbo robot firmware - CVE-2026-8032
PicoTronica e-Clinic Healthcare System ECHS echs.js hard-cod - CVE-2026-32834
Easy PayPal Events & Tickets 1.3 Authentication Bypass via Q - CVE-2026-42376
D-Link DIR-456U A1 Hardcoded Telnet Backdoor Credentials - CVE-2026-42375
D-Link DIR-600L A1 Hardcoded Telnet Backdoor Credentials
V. Comments for CVE-2023-5777
No comments yet