VYPR
Medium severity5.9NVD Advisory· Published Jul 21, 2022· Updated Jun 17, 2026

CVE-2022-34767

CVE-2022-34767

Description

Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly.

Affected products

2
  • ALLNET/WR0500ACllm-fuzzy
  • ALLNET Gmbh/ALLNET Gmbh - ADSL/VDSL Router inkl. Modem and Wlanv5
    Range: Update to the latest version

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.