CVE-2022-45599

Name of the Vulnerable Software and Affected Versions Aztech WMB250AC Mesh Routers Firmware Version 016 2020

Description The issue allows attackers to gain escalated privileges under specific conditions related to a given account's hashed password, due to PHP Type Juggling in the file /var/www/login.php.

Recommendations For Aztech WMB250AC Mesh Routers Firmware Version 016 2020, as a temporary workaround, consider restricting access to the /var/www/login.php file until a patch is available. Avoid using the login functionality in the affected firmware version until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.