Allnet: Security Vulnerabilities
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-12-04
ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-12-04
Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly.
CVSS Score
5.9
EPSS Score
0.002
Published
2022-07-21