CVE-2022-34767 - Vulnerability Details - OpenCVE

Description

Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly.

Published: 2022-07-21

Score: 5.9 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

ALLNET Gmbh

ALLNET Gmbh - ADSL/VDSL Router inkl. Modem and Wlan

affected

Version	Status	Constraints
`Update to the latest version`	affected	< Update to the latest version*

Configuration 1 [-]

AND

cpe:2.3:o:allnet:all-wr0500ac_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:allnet:all-wr0500ac:-:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

Vendor Solution

Update to the latest version.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2022-37715	Web page which "wizardpwd.asp" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at "admin" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00213.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://www.gov.il/en/Departments/faq/cve_advisories

History

No history.

Subscriptions

Allnet All-wr0500ac All-wr0500ac Firmware

MITRE

Status: PUBLISHED

Assigner: INCD

Published: 2022-07-21T15:37:00.000Z

Updated: 2024-08-03T09:22:10.317Z

Reserved: 2022-06-29T00:00:00.000Z

Link: CVE-2022-34767

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-07-21T16:15:09.247

Modified: 2024-11-21T07:10:08.750

Link: CVE-2022-34767

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-306

{"containers": {"cna": {"affected": [{"product": "ALLNET Gmbh - ADSL/VDSL Router inkl. Modem and Wlan", "vendor": "ALLNET Gmbh", "versions": [{"lessThan": "Update to the latest version*", "status": "affected", "version": "Update to the latest version", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "MetaData"}], "descriptions": [{"lang": "en", "value": "Web page which \"wizardpwd.asp\" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability \u2013 the password, located at \"admin\" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Authorization Bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-07-21T15:37:00.000Z", "orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f", "shortName": "INCD"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.gov.il/en/Departments/faq/cve_advisories"}], "solutions": [{"lang": "en", "value": "Update to the latest version."}], "source": {"defect": ["ILVN-2022-0039"], "discovery": "EXTERNAL"}, "title": "ALLNET Gmbh - ADSL/VDSL Router inkl. Modem and Wlan Authorization Bypass", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cna@cyber.gov.il", "ID": "CVE-2022-34767", "STATE": "PUBLIC", "TITLE": "ALLNET Gmbh - ADSL/VDSL Router inkl. Modem and Wlan Authorization Bypass"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ALLNET Gmbh - ADSL/VDSL Router inkl. Modem and Wlan", "version": {"version_data": [{"version_affected": ">", "version_name": "Update to the latest version", "version_value": "Update to the latest version"}]}}]}, "vendor_name": "ALLNET Gmbh"}]}}, "credit": [{"lang": "eng", "value": "MetaData"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Web page which \"wizardpwd.asp\" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability \u2013 the password, located at \"admin\" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Authorization Bypass"}]}]}, "references": {"reference_data": [{"name": "https://www.gov.il/en/Departments/faq/cve_advisories", "refsource": "MISC", "url": "https://www.gov.il/en/Departments/faq/cve_advisories"}]}, "solution": [{"lang": "en", "value": "Update to the latest version."}], "source": {"defect": ["ILVN-2022-0039"], "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T09:22:10.317Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.gov.il/en/Departments/faq/cve_advisories"}]}]}, "cveMetadata": {"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f", "assignerShortName": "INCD", "cveId": "CVE-2022-34767", "datePublished": "2022-07-21T15:37:00.000Z", "dateReserved": "2022-06-29T00:00:00.000Z", "dateUpdated": "2024-08-03T09:22:10.317Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:allnet:all-wr0500ac_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDBA5FC2-9765-4E63-AF75-B0D4B2F20333", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:allnet:all-wr0500ac:-:*:*:*:*:*:*:*", "matchCriteriaId": "E2E209CD-5121-42F6-83B6-C9E2FDF1BE26", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Web page which \"wizardpwd.asp\" ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability \u2013 the password, located at \"admin\" allows changing the http[s]://wizardpwd.asp/cgi-bin. Does not validate the user's identity and can be accessed publicly."}, {"lang": "es", "value": "P\u00e1gina web que \"wizardpwd.asp\" ALLNET Router modelo WR0500AC es propenso a una vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n - la contrase\u00f1a, ubicada en \"admin\" permite cambiar el http[s]://wizardpwd.asp/cgi-bin. No comprueba la identidad del usuario y puede ser accedido p\u00fablicamente"}], "id": "CVE-2022-34767", "lastModified": "2024-11-21T07:10:08.750", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 3.7, "source": "cna@cyber.gov.il", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-07-21T16:15:09.247", "references": [{"source": "cna@cyber.gov.il", "tags": ["Third Party Advisory"], "url": "https://www.gov.il/en/Departments/faq/cve_advisories"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.gov.il/en/Departments/faq/cve_advisories"}], "sourceIdentifier": "cna@cyber.gov.il", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "nvd@nist.gov", "type": "Primary"}]}