CVE-2017-8077

On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key a long string beginning with Ei2HNryt. This affects the 1.1.2 Build 20141017 Rel.50749 firmware...

CVE-2024-56429

itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key found in iLabClient.jar for local users to read or write to the database...

CVE-2024-56429

The CVE-2024-56429 entry impacts itech iLabClient 3.7.1, where a hard-coded encryption/DB-access key YngAYdgAE/kKZYu2F2wm6w== in iLabClient.jar enables local users to read or write to the database. Root cause is the hard-coded key used for database access; no public exploit details are provided i...

CVE-2024-56429

itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key found in iLabClient.jar for local users to read or write to the database...

PT-2025-22354

Name of the Vulnerable Software and Affected Versions itech iLabClient version 3.7.1 Description The issue concerns the use of a hard-coded key YngAYdgAE/kKZYu2F2wm6w== found in iLabClient.jar that allows local users to read or write to the database. This key is used by itech iLabClient for...

ZKTeco ZKBio CVSecurity 信任管理问题漏洞

ZKTeco ZKBio CVSecurity is a series of biometric solutions from the Chinese company ZKTeco. A trust management issue vulnerability exists in ZKTeco ZKBio CVSecurity version 6.4.1R, which stems from a hard-coded key that could lead to unverified JWT token authentication...

CVE-2025-32730

Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network system for i-PRO Co., Ltd. surveillance cameras and recorders. This vulnerability allows a local authenticated attacker to use the authentication information from the last connected surveillance...

CVE-2025-32730

The CVE-2025-32730 entry affects i-PRO Configuration Tool used with i-PRO Co., Ltd. surveillance cameras/recorders. The root cause is use of a hard-coded cryptographic key (CWE-321) that enables a local authenticated attacker to leverage authentication data from the last connected cameras/recorde...

i-PRO Configuration Tool vulnerable to use of hard-coded cryptographic key

Overview i-PRO Configuration Tool provided by i-PRO Co., Ltd. contains a vulnerability below. Use of hard-coded cryptographic key CWE-321 Diego Giubertoni of Nozomi Networks Inc. reported this vulnerability to i-PRO Co., Ltd. and coordinated. After the coordination was completed, i-PRO Co., Ltd...

Gladinet's Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability

A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven different organizations compromised to date. Tracked as CVE-2025-30406 CVSS score: 9.0, the vulnerability refers to the use of a hard-cod...

CVE-2025-31362

Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be obtained if the encryption key is available. The vendor provides the workaround information and recommends to apply it to the deployment environment...

CVE-2025-31362

BizRobo! is affected by CVE-2025-31362 due to use of a hard-coded cryptographic key (CWE-321). Credentials inside robot files may be obtained if the encryption key is available. Affected product: BizRobo! all versions. Impact stated: credentials in robot files may be disclosed when the key is kno...

CVE-2025-31362

Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be obtained if the encryption key is available. The vendor provides the workaround information and recommends to apply it to the deployment environment...

Multiple vulnerabilities in BizRobo!

Overview BizRobo! is an RPA Robotic Process Automation software provided by OPEN, Inc. Users compile an automation flow using DesignStudio, a development application that runs on Windows, and create robot files. A web application Management Console is provided to schedule RPA execution and to che...

Gladinet CentreStack and Triofox Use of Hard-coded Cryptographic Key Vulnerability

Gladinet CentreStack and Triofox contains a use of hard-coded cryptographic key vulnerability in the way that the application manages keys used for ViewState integrity verification. Successful exploitation allows an attacker to forge ViewState payloads for server-side deserialization, allowing fo...

CVE-2025-3177

A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability affects unknown code of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key . The attack can be initiated remotely. The complexity of an attack is rather high. The...

CVE-2025-3177

A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability affects unknown code of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key . The attack can be initiated remotely. The complexity of an attack is rather high. The...

CVE-2025-3177

A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability affects unknown code of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key . The attack can be initiated remotely. The complexity of an attack is rather high. The...

CVE-2025-3177 FastCMS JWT hard-coded key

A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability affects unknown code of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key . The attack can be initiated remotely. The complexity of an attack is rather high. The...

CVE-2025-3177 FastCMS JWT hard-coded key

A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability affects unknown code of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key . The attack can be initiated remotely. The complexity of an attack is rather high. The...