CVE-2022-34767

ALLNET Gmbh - ADSL/VDSL Router inkl. Modem and Wlan Authorization Bypass

CVSS 5.9 MEDIUMEPSS 0.5%

Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly.

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Produtos afetados

ALLNET Gmbh · ALLNET Gmbh - ADSL/VDSL Router inkl. Modem and Wlan

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.gov.il/en/Departments/faq/cve_advisories