Vulnerability Details CVE-2022-34767
Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.6%
CVSS Severity
CVSS v3 Score 5.9
References
Products affected by CVE-2022-34767
-
cpe:2.3:h:allnet:all-wr0500ac:-
-
cpe:2.3:o:allnet:all-wr0500ac_firmware:-