Unauthenticated Remote Password Reset Vulnerability in Wi2be SMART HP WMT R1.2.20_201400922
CVE-2018-14078 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to reset the admin password via the /ConfigWizard/ChangePwd.esp?2admin URL (Attackers can login using the "admin" username with password "admin" after a successful attack).
Learn more about our User Device Pen Test.