Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to backup the device configuration via a direct request to /Maintenance/configfile.cfg.
7.5CVSS
7.4AI Score
0.003EPSS
Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to reset the admin password via the /ConfigWizard/ChangePwd.esp?2admin URL (Attackers can login using the "admin" username with password "admin" after a successful attack).
9.8CVSS
9.3AI Score
0.007EPSS
Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to obtain sensitive information via /Status/SystemStatusRpm.esp.
7.5CVSS
7.3AI Score
0.003EPSS