3820 matches found
EUVD-2026-33642
Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...
CVE-2026-42251 Hard-coded credentials in KS-SOMED
Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...
PT-2026-45432
Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...
CVE-2026-5065
IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...
CVE-2026-42929
Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...
Exploit for CVE-2026-46376
CVE-2026-46376 — FreePBX Unauthenticated UCP Access via Hard-C...
CVE-2026-42929 MacGregor Voyage Data Recorder (VDR) G4e Use of Hard-coded Credentials
Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...
CVE-2026-42929
CVE-2026-42929 affects the Danelec MacGregor Voyage Data Recorder (VDR) — specifically the G4e line — where default accounts are hard-coded. This represents a credential-related vulnerability (high impact) with CVSS 3.1/3.4-like metrics indicating unauthorized access potential from adjacent netwo...
EUVD-2026-33400
Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...
CVE-2026-42929
Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...
CVE-2026-42929 MacGregor Voyage Data Recorder (VDR) G4e Use of Hard-coded Credentials
Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...
CVE-2026-7786
The CVE-2026-7786 affects Jinan USR IOT’s USR-W610 RS232/485 to Wi‑Fi/Ethernet Converter. The firmware image contains plaintext administrative credentials that can be extracted via firmware analysis and used to authenticate to device services, enabling administrator access. Reported CVSS v3.1 sco...
CVE-2026-7786 Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter Use of Hard-coded Credentials
Jinan USR IOT Technology Limited PUSR USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials can be extracted through firmware analysis and used to authenticate to device services...
CVE-2026-46376
FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel UCP using hard-coded initial template credentials if these were not immediately changed by the Administrator who enabled UCP. Authenticated access to ACP...
EUVD-2026-33295
FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel UCP using hard-coded initial template credentials if these were not immediately changed by the Administrator who enabled UCP. Authenticated access to ACP...
CVE-2026-46376 FreePBX: Unauthenticated Use of Hard-Coded Credentials Vulnerability in FreePBX UCP Interface
FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel UCP using hard-coded initial template credentials if these were not immediately changed by the Administrator who enabled UCP. Authenticated access to ACP...
CVE-2026-46376
FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel UCP using hard-coded initial template credentials if these were not immediately changed by the Administrator who enabled UCP. Authenticated access to ACP...
CVE-2026-46376
FreePBX UCP vulnerability (CVE-2026-46376): from 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may access the User Control Panel via hard-coded initial template credentials if not changed by the admin. Post-exploitation requires only no admin steps beyond initial UCP setup; authenti...
CVE-2026-46376 FreePBX: Unauthenticated Use of Hard-Coded Credentials Vulnerability in FreePBX UCP Interface
FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel UCP using hard-coded initial template credentials if these were not immediately changed by the Administrator who enabled UCP. Authenticated access to ACP...
PT-2026-44926
Name of the Vulnerable Software and Affected Versions Danelec MacGregor Voyage Data Recorder affected versions not specified Description The software includes default accounts with hard-coded credentials, which can allow unauthorized access to the system. Recommendations At the moment, there is n...