Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Allnet Subscribe
Filtered by product All-wr0500ac
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-34767 1 Allnet 2 All-wr0500ac, All-wr0500ac Firmware 2022-07-27 N/A 9.8 CRITICAL
Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly.