CVE-2022-34767 - OpenCVE

Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Allnet	All-wr0500ac All-wr0500ac Firmware

Configuration 1 [-]

AND

cpe:2.3:o:allnet:all-wr0500ac_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:allnet:all-wr0500ac:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.gov.il/en/Departments/faq/cve_advisories	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: INCD

Published: 2022-07-21T15:37:00

Updated: 2022-07-21T15:37:00

Reserved: 2022-06-29T00:00:00

Link: CVE-2022-34767

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-07-21T16:15:09.247

Modified: 2023-08-08T14:22:24.967

Link: CVE-2022-34767

JSON object: View

Redhat Information

No data.

CWE

CWE-306

{"containers": {"cna": {"affected": [{"product": "ALLNET Gmbh - ADSL/VDSL Router inkl. Modem and Wlan", "vendor": "\t ALLNET Gmbh", "versions": [{"lessThan": "Update to the latest version*", "status": "affected", "version": "Update to the latest version", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "MetaData"}], "descriptions": [{"lang": "en", "value": "Web page which \"wizardpwd.asp\" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability \u2013 the password, located at \"admin\" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Authorization Bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-07-21T15:37:00", "orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f", "shortName": "INCD"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.gov.il/en/Departments/faq/cve_advisories"}], "solutions": [{"lang": "en", "value": "Update to the latest version."}], "source": {"defect": ["ILVN-2022-0039"], "discovery": "EXTERNAL"}, "title": "ALLNET Gmbh - ADSL/VDSL Router inkl. Modem and Wlan Authorization Bypass", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cna@cyber.gov.il", "ID": "CVE-2022-34767", "STATE": "PUBLIC", "TITLE": "ALLNET Gmbh - ADSL/VDSL Router inkl. Modem and Wlan Authorization Bypass"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ALLNET Gmbh - ADSL/VDSL Router inkl. Modem and Wlan", "version": {"version_data": [{"version_affected": ">", "version_name": "Update to the latest version", "version_value": "Update to the latest version"}]}}]}, "vendor_name": "\t ALLNET Gmbh"}]}}, "credit": [{"lang": "eng", "value": "MetaData"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Web page which \"wizardpwd.asp\" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability \u2013 the password, located at \"admin\" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Authorization Bypass"}]}]}, "references": {"reference_data": [{"name": "https://www.gov.il/en/Departments/faq/cve_advisories", "refsource": "MISC", "url": "https://www.gov.il/en/Departments/faq/cve_advisories"}]}, "solution": [{"lang": "en", "value": "Update to the latest version."}], "source": {"defect": ["ILVN-2022-0039"], "discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f", "assignerShortName": "INCD", "cveId": "CVE-2022-34767", "datePublished": "2022-07-21T15:37:00", "dateReserved": "2022-06-29T00:00:00", "dateUpdated": "2022-07-21T15:37:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:allnet:all-wr0500ac_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDBA5FC2-9765-4E63-AF75-B0D4B2F20333", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:allnet:all-wr0500ac:-:*:*:*:*:*:*:*", "matchCriteriaId": "E2E209CD-5121-42F6-83B6-C9E2FDF1BE26", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Web page which \"wizardpwd.asp\" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability \u2013 the password, located at \"admin\" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly."}, {"lang": "es", "value": "P\u00e1gina web que \"wizardpwd.asp\" ALLNET Router modelo WR0500AC es propenso a una vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n - la contrase\u00f1a, ubicada en \"admin\" permite cambiar el http[s]://wizardpwd.asp/cgi-bin. No comprueba la identidad del usuario y puede ser accedido p\u00fablicamente"}], "id": "CVE-2022-34767", "lastModified": "2023-08-08T14:22:24.967", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 3.7, "source": "cna@cyber.gov.il", "type": "Secondary"}]}, "published": "2022-07-21T16:15:09.247", "references": [{"source": "cna@cyber.gov.il", "tags": ["Third Party Advisory"], "url": "https://www.gov.il/en/Departments/faq/cve_advisories"}], "sourceIdentifier": "cna@cyber.gov.il", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "nvd@nist.gov", "type": "Primary"}]}