CVE-2025-8759

A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This vulnerability affects unknown code of the component Lighttpd. The manipulation of the argument secdownload.secret with the input neV3rUseMe leads to use of hard-coded cryptographic key . The attack can...

CVE-2025-8759 TRENDnet TN-200 Lighttpd hard-coded key

A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This vulnerability affects unknown code of the component Lighttpd. The manipulation of the argument secdownload.secret with the input neV3rUseMe leads to use of hard-coded cryptographic key . The attack can...

CVE-2025-8759

The CVE-2025-8759 entry concerns TRENDnet TN-200 device version 1.02b02 where the Lighttpd component is affected. The root cause is manipulation of the secdownload.secret argument, with input neV3rUseMe, leading to the use of a hard-coded cryptographic key. This exposes potential remote exploitat...

CVE-2025-8759 TRENDnet TN-200 Lighttpd hard-coded key

A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This vulnerability affects unknown code of the component Lighttpd. The manipulation of the argument secdownload.secret with the input neV3rUseMe leads to use of hard-coded cryptographic key . The attack can...

TRENDnet TN-200 安全漏洞

TRENDnet TN-200 is a NAS media server from Trendnet, Inc. A security vulnerability exists in TRENDnet TN-200 version 1.02b02, which stems from the use of a hard-coded key in the parameter secdownload.secret...

CVE-2025-26476

Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2025-50234

MCCMS v2.7.0 has an SSRF vulnerability located in the index method of the sys\apps\controllers\api\Gf.php file, where the pic parameter is processed. The pic parameter is decrypted using the sysauth$pic, 1 function, which utilizes a hard-coded key McEncryptionKey bD2voYwPpNuJ7B8, defined in the...

CVE-2025-2810 Draeger: ICMHelper is vulnerable to use of Hard-coded Cryptographic Key

A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key...

Dräger ICMHelper 安全漏洞

Dräger ICMHelper is a client assistance service software from Dräger, Germany. A security vulnerability exists in Dräger ICMHelper 1.4.0.1 and earlier versions, which stems from the use of a hard-coded encryption key that could lead to elevated privileges...

CVE-2025-26476

Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2025-26476

Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2025-26476

Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2025-26476

Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

RUCKUS Network Director 安全漏洞

RUCKUS Network Director is a wireless network monitoring software from RUCKUS. A security vulnerability exists in RUCKUS Network Director versions prior to 4.5, which originates from an attacker being able to forge an administrator JWT with a hard-coded key...

PT-2025-32446

Name of the Vulnerable Software and Affected Versions: TRENDnet TN-200 version 1.02b02 Description: A vulnerability exists in the TRENDnet TN-200 device. The issue resides in the Lighttpd component, where manipulation of the secdownload.secret argument with the input neV3rUseMe results in the use...

Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PremiumClientService class. The issue results from a hard-coded...

Use of Hard-coded Cryptographic Key

Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key via the use of hardcoded cryptographic key in Encryption.cs. A local attacker can obtain decrypted credentials to other servers from hMailAdmin.exe.config file and access other hMailServer admin...

Ivanti Desktop and Server Management 安全漏洞

Ivanti Desktop and Server Management Ivanti DSM is a multi-platform, unified endpoint management solution from Ivanti Corporation, USA. A security vulnerability exists in Ivanti Desktop and Server Management versions prior to 2024.2, which stems from a hard-coded key that could allow an...

WordPress plugin Support Board 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2025-6071

Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker can gain access to salted information to decrypt MQTT information. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016...