Vulnerabilities > Wi2Be

DATE CVE VULNERABILITY TITLE RISK
2018-08-20 CVE-2018-14079 Information Exposure vulnerability in Wi2Be Smart HP WMT R1.2.20201400922
Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to obtain sensitive information via /Status/SystemStatusRpm.esp.
network
low complexity
wi2be CWE-200
5.0
2018-08-20 CVE-2018-14078 Improper Authentication vulnerability in Wi2Be Smart HP WMT R1.2.20201400922
Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to reset the admin password via the /ConfigWizard/ChangePwd.esp?2admin URL (Attackers can login using the "admin" username with password "admin" after a successful attack).
network
low complexity
wi2be CWE-287
critical
10.0
2018-08-20 CVE-2018-14077 Unspecified vulnerability in Wi2Be Smart HP WMT R1.2.20201400922
Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to backup the device configuration via a direct request to /Maintenance/configfile.cfg.
network
low complexity
wi2be
5.0