Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly.
References
Link | Resource |
---|---|
https://www.gov.il/en/Departments/faq/cve_advisories | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: INCD
Published: 2022-07-21T15:37:00
Updated: 2022-07-21T15:37:00
Reserved: 2022-06-29T00:00:00
Link: CVE-2022-34767
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-07-21T16:15:09.247
Modified: 2023-08-08T14:22:24.967
Link: CVE-2022-34767
JSON object: View
Redhat Information
No data.
CWE