CVE-2022-34767

Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the https://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly...

CVE-2022-34767

Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the https://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly...

Authorization

Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the https://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly...

CVE-2022-34767

The CVE-2022-34767 vulnerability affects ALLNET WR0500AC router devices. The issue resides in the wizardpwd.asp page, where the admin password can be accessed and changed without validating the user’s identity, enabling an authorization bypass that can be exploited publicly. Several sources descr...

ALLNET WR0500AC 访问控制错误漏洞

The ALLNET WR0500AC is a wireless router from ALLNET. The ALLNET WR0500AC suffers from an access control error vulnerability that originates from the wizardpwd.asp page that can change the password of the admin account without authentication...

PT-2022-22317 · Allnet · Allnet Router Wr0500Ac

Name of the Vulnerable Software and Affected Versions: ALLNET Router model WR0500AC affected versions not specified Description: The web page "wizardpwd.asp" is prone to an authorization bypass issue, where the password located at "admin" allows changing the https://wizardpwd.asp/cgi-bin without...