Lucene search
K

93 matches found

CVE
CVE
added 2020/08/25 1:19 p.m.71 views

CVE-2020-14510

GateManager (Secomea) VPN server is affected by CVE-2020-14510 due to a hard-coded telnet credential, allowing an unprivileged attacker to execute commands as root. Affected: GateManager versions prior to 9.2c. Mitigation/remediation: update to 9.2c (or newer, per advisories) and apply provided p...

10CVSS9.7AI score0.02487EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/08/25 1:19 p.m.31 views

CVE-2020-14510 OFF-BY-ONE ERROR CWE-193

GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as root...

9.8CVSS9.6AI score0.02487EPSS
Exploits0References1
OSV
OSV
added 2020/07/13 7:15 p.m.8 views

CVE-2020-10988

A hard-coded telnet credential in the tendalogin binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device...

9.8CVSS7.4AI score0.02826EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/07/13 6:1 p.m.22 views

CVE-2020-10988

A hard-coded telnet credential in the tendalogin binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device...

9.4AI score0.02826EPSS
Exploits1References2
Cvelist
Cvelist
added 2019/01/31 9:0 p.m.19 views

CVE-2018-5560 Guardzilla All-In-One Video Security System Hard-Coded Credential

A reliance on a static, hard-coded credential in the design of the cloud-based storage system of Practecol's Guardzilla All-In-One Video Security System allows an attacker to view the private data of all users of the Guardzilla device...

10CVSS9.3AI score0.0162EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2018/12/28 4:12 p.m.22 views

Guardzilla Home Cameras Open to Anyone Wanting to Watch Their Footage

Another day, another internet of things IoT issue: A design flaw in the Guardzilla home video surveillance system has been discovered that allows users to watch other homeowners’ Guardzilla videos. The Guardzilla All-In-One Video Security System is a home security platform that provides indoor...

5CVSS2.7AI score0.0162EPSS
Exploits1References3
ICS
ICS
added 2018/08/23 12:0 p.m.32 views

Schneider Electric Pelco Digital Sentry Video Management System Vulnerability

OVERVIEW Schneider Electric has identified a hard-coded credential vulnerability in Schneider Electric’s Pelco Digital Sentry Video Management System. Schneider Electric has produced a new firmware version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED...

10CVSS9.9AI score0.0579EPSS
Exploits0References19
CVE
CVE
added 2017/07/31 1:0 p.m.59 views

CVE-2017-11743

MEDHOST Connex (CVE-2017-11743) contains a hard-coded Mirth Connect admin credential ($K8t1ng) used for customer management access. The admin password is plaintext and identical across all installations, created during Connex install, with no option for customers to change it. A remote attacker a...

9.8CVSS9.3AI score0.01608EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2017/07/31 1:0 p.m.24 views

CVE-2017-11743

MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer Mirth Connect management access. An attacker with knowledge of the hard-coded credential and the ability to communicate directly with the Mirth Connect management console may be able to intercept sensiti...

9.4AI score0.01608EPSS
Exploits1References2
ICS
ICS
added 2016/03/06 7:0 a.m.38 views

GE MultiLink Series Hard-coded Credential Vulnerability

OVERVIEW GE has identified a hard-coded credential vulnerability in GE’s MultiLink series managed switches. GE has produced new firmware versions to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following MultiLink products are affected: GE ML8...

10CVSS9.9AI score0.03219EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2015/08/17 3:11 p.m.17 views

Schneider Electric Modicon M340 PLC Station P34 Module HMI Vulnerabilities

Update Vulnerabilities in Schneider Electric SCADA gear remain unpatched close to two weeks after they were disclosed during DEF CON. The Industrial Control System Cyber Emergency Response Team ICS-CERT released an alert late last week and patches are currently being validated according to ICS-CE...

0.2AI score
Exploits0References3
ICS
ICS
added 2015/05/28 6:0 a.m.39 views

EasyIO-30P-SF Hard-Coded Credential Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on August 25, 2015, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified a hard-coded credential vulnerability in the EasyIO-30P-SF controller. EasyIO has produced a...

9CVSS6.4AI score0.01869EPSS
Exploits0References10
ICS
ICS
added 2012/06/23 6:0 a.m.44 views

ORing Industrial Networking IDS-5042/5042+ Hard-Coded Credential Vulnerability

Overview Independent researcher Reid Wightman of Digital BondKorenix and ORing Use Crypto, http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity/, Web site last accessed September 19, 2012. identified hard-coded credentials in the operating system of the ORing Industrial DIN-Rail...

10CVSS6.6AI score0.03602EPSS
Exploits0References10
Rows per page
Query Builder