Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-20	CVE-2018-14078	Improper Authentication vulnerability in Wi2Be Smart HP WMT R1.2.20201400922 Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to reset the admin password via the /ConfigWizard/ChangePwd.esp?2admin URL (Attackers can login using the "admin" username with password "admin" after a successful attack). network low complexity wi2be CWE-287 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.