VYPR
Vendor

ALLNET

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2022-34767MedJul 21, 2022
    risk 0.38cvss 5.9epss 0.01

    Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly.

  • CVE-2025-29268Dec 4, 2025
    risk 0.00cvss epss 0.08

    ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.

  • CVE-2025-29269Dec 4, 2025
    risk 0.00cvss epss 0.02

    ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint.