372 matches found
CVE-2022-29948
CVE-2022-29948 affects Lepin EP-KP001 (KP001_V19) USB flash drive. The root cause is insecure hardware design allowing an attacker to bypass password authentication by replacing the device’s microcontroller with one controlled by the attacker, whose passcode is known. This enables unlocking the e...
CVE-2022-29948
Due to an insecure design, the Lepin EP-KP001 flash drive through KP001V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode 6 to...
PT-2022-19929 · Lepin · Lepin Ep-Kp001
Name of the Vulnerable Software and Affected Versions: Lepin EP-KP001 versions through KP001 V19 Description: The issue is due to an insecure design, allowing an authentication bypass attack. This enables an attacker to gain access to stored encrypted data by replacing the microcontroller on a...
CVE-2022-28384
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...
CVE-2022-28384
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...
CVE-2022-28384
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...
Verbatim Keypad Secure USB Drive 安全漏洞
The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from the Chinese company Verbatim. A security vulnerability exists in the Verbatim Keypad Secure USB Drive that arises from an insecure design and can be exploited by an attacker to brute-force break a password offline t...
Verbatim Keypad Secure USB Drive 安全漏洞
The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from the Chinese company Verbatim. A security vulnerability exists in the Verbatim Keypad Secure USB Drive, which arises from an insecure design and can be exploited by an attacker to brute-force break a password offline...
CVE-2022-28384
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...
CVE-2022-28384
The provided connected documents confirm CVE-2022-28384 affects Verbatim devices with insecure design that allows an offline brute-force attack to determine the correct passcode and gain access to stored encrypted data. Affected products include the Verbatim Keypad Secure USB 3.2 Gen 1 Drive (thr...
PT-2022-18993 · Verbatim · Verbatim Store 'N' Go Secure Portable Hdd +1
Name of the Vulnerable Software and Affected Versions: Verbatim Keypad Secure USB 3.2 Gen 1 Drive versions through 2022-03-31 Verbatim Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0 Description: An issue was discovered in certain Verbatim drives due to an insecure design, allowing an...
GHSA-6R5V-HP32-FJQW Improper Access Control in Apache WSS4J
Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks."...
Design/Logic Flaw
A vulnerability in which attackers could forge HTTP requests to manipulate the charm data directory to access or delete anything on the server. This has been patched and is available in release v0.12.1. We recommend that all users running self-hosted charm instances update immediately. This...
CVE-2022-29180 Charm vulnerable to server-side request forgery (SSRF)
A vulnerability in which attackers could forge HTTP requests to manipulate the charm data directory to access or delete anything on the server. This has been patched and is available in release v0.12.1. We recommend that all users running self-hosted charm instances update immediately. This...
PT-2022-19434 · Charm · Charm
Name of the Vulnerable Software and Affected Versions: charm versions prior to 0.12.1 Description: A vulnerability allows attackers to forge HTTP requests to manipulate the charm data directory, potentially accessing or deleting anything on the server. Encrypted user data uploaded to the Charm...
ASUS CMAX6000 Information Disclosure Vulnerability
The ASUS Cmax6000 is a 4x4 dual-band Wifi cable modem router from Asus China. A security vulnerability exists in ASUS CMAX6000 v1.02.00, which can be exploited by an attacker to recover encrypted data via a hard-coded key...
CVE-2021-46247
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00...
Asus CMAX6000 安全漏洞
The ASUS Cmax6000 is a 4x4 dual-band Wifi cable modem router from Asus China. A security vulnerability exists in ASUS CMAX6000 v1.02.00, which can be exploited by an attacker to recover encrypted data via a hard-coded key...
Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU Use of Hard-Coded Credentials (CVE-2019-14926)
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Hard- coded SSH keys allow an attacker to gain unauthorised access or disclose encrypted data on the RTU due to the keys not being regenerated on initial installation or with firmware...
CVE-2021-43552
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX PIC iX Versions B.02, C.02, and C.03...