CVE-2022-34767 Information

Description

Web page which \wizardpwd.asp\ ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password located at dmin\ allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user’s identity and can be accessed publicly.

Reference

https://www.gov.il/en/Departments/faq/cve_advisories