Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to reset the admin password via the /ConfigWizard/ChangePwd.esp?2admin URL (Attackers can login using the βadminβ username with password βadminβ after a successful attack).