Lucene search
K

3846 matches found

ICS
ICS
added 2012/09/22 6:0 a.m.71 views

Carlo Gavazzi EOS Box Multiple Vulnerabilities

Overview This advisory provides mitigation details for multiple vulnerabilities that impact the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has identified two vulnerabilities in the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has produced a firmware...

10CVSS7.6AI score0.0139EPSS
Exploits0References10
ICS
ICS
added 2012/08/24 6:0 a.m.51 views

Sinapsi Devices Vulnerabilities

Overview This advisory is a follow-up to the alert titled ICS-ALERT-12-284-01—Sinapsi eSolar Light Vulnerabilities that was published October 10, 2012. Independent researchers Roberto Paleari and Ivan Speziale identified four vulnerabilities and released proof-of-concept exploit code for the...

10CVSS7.8AI score0.11946EPSS
Exploits2References10
ICS
ICS
added 2012/07/27 6:0 a.m.52 views

Korenix Jetport 5600 Series Hard-coded Credentials

Overview This advisory provides mitigation details for a vulnerability that impacts the Korenix JetPort 5600. Independent researcher Reid Wightman of Digital Bond identified undocumented hard-coded root credentials in the firmware of the Korenix JetPort 5600 system application without coordinatio...

10CVSS6.5AI score0.03602EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2012/06/01 12:0 a.m.46 views

HP SAN/iQ < 9.5 Root Shell Command Injection

The version of SAN/iQ running on the remote host has a command injection vulnerability. The hydra service, used for remote management and configuration, does not properly sanitize untrusted input. A remote attacker could exploit this to execute arbitrary commands as root. Authentication is...

7.7CVSS6AI score0.47799EPSS
Exploits2References5
ThreatPost
ThreatPost
added 2012/04/25 9:14 p.m.12 views

Backdoor In Equipment Used For Traffic Control, Railways Called "Huge Risk"

UPDATE: Security researchers are warning about the risk posed by an embarrassing security hole in industrial control software by the firm RuggedCom. A hidden administrative account could give remote attackers easy access to critical equipment that is used to manage a wide range of critical...

0.3AI score
Exploits0References7
OpenVAS
OpenVAS
added 2012/04/12 12:0 a.m.37 views

WAGO I/O System 758 Series Hard-Coded Credentials Vulnerability (HTTP)

WAGO I/O System 758 series devices are using a set of hard-coded credentials. Copyright C 2012 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...

6.7AI score
Exploits0References5
OpenVAS
OpenVAS
added 2012/04/12 12:0 a.m.11 views

WAGO I/O System 758 Series Hard-Coded Credentials Vulnerability (Telnet)

WAGO I/O System 758 series devices are using a set of hard-coded credentials. Copyright C 2012 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...

6.7AI score
Exploits0References5
Packet Storm
Packet Storm
added 2011/06/07 12:0 a.m.30 views

IBM Tivoli Endpoint 4.1.1 Buffer Overflow / Hard-Coded Credentials

!/usr/bin/python tiv-sys.py IBM Tivoli Endpoint 4.1.1 Remote SYSTEM Exploit Jeremy Brown 0xjbrown41-gmail-com June 2011 Discovered by: Brian Adeloye of Tenable Network Security This exploit makes use of two vulnerabilities: 1 Base64 authentication credentials hard-coded in lcfd.exe 2 Stack-based...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2010/11/18 12:0 a.m.56 views

Cisco Unified Videoconferencing multiple vulnerabilities - CVE-2010-3037 CVE-2010-3038

Matta Consulting - Matta Advisory http://www.trustmatta.com Cisco Unified Videoconferencing multiple vulnerabilities Advisory ID: MATTA-2010-001 CVE reference: CVE-2010-3037 CVE-2010-3038 Affected platforms: Cisco Unified Videoconferencing 3515,3522,3527,5230,3545, 5110,5115 Systems and unspecifi...

10CVSS0.1AI score0.03372EPSS
Exploits0
securityvulns
securityvulns
added 2010/11/18 12:0 a.m.45 views

Cisco Security Response: Multiple Vulnerabilities in Cisco Unified Videoconferencing Products

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Response: Multiple Vulnerabilities in Cisco Unified Videoconferencing Products http://www.cisco.com/warp/public/707/cisco-sr-20101117-cuvc.shtml Revision 1.0 For Public Release 2010 November 17 1600 UTC GMT...

10CVSS0.4AI score0.03372EPSS
Exploits0
ThreatPost
ThreatPost
added 2010/10/24 4:39 p.m.11 views

SCADA Vendors Still Need Security Wake Up Call

Companies that make supervisory control and data acquisition SCADA and industrial control software are still dangerously lax when it comes to application security and vulnerable to attack, according to a researcher from security firm Tenable Inc. who warned that the use of coded administrative...

0.7AI score
Exploits0References3
OSV
OSV
added 2010/06/16 8:30 p.m.10 views

CVE-2010-2073

authdbconfig.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the 1 test, 2 user, and 3 roxon accounts, which allows remote attackers to read arbitrary files from the FTP server...

7.5CVSS7.5AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2010/06/16 8:30 p.m.36 views

CVE-2010-2073

authdbconfig.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the 1 test, 2 user, and 3 roxon accounts, which allows remote attackers to read arbitrary files from the FTP server...

7.5CVSS7.2AI score0.01812EPSS
Exploits0References1
CVE
CVE
added 2010/06/16 8:0 p.m.53 views

CVE-2010-2073

CVE-2010-2073 affects Pyftpd 0.8.4, where auth_db_config.py contains hard-coded usernames and passwords (test, user, roxon). This enables remote attackers to read arbitrary files from the FTP server due to hard-coded credentials. The issue is documented across multiple sources (NVD entry for CVE-...

7.5CVSS7.4AI score0.01812EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2010/06/16 8:0 p.m.51 views

CVE-2010-2073

Removed by vendor...

7.5CVSS7.6AI score0.01812EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2010/06/16 12:0 a.m.8 views

PT-2010-3684 · Pyftpd · Pyftpd

Name of the Vulnerable Software and Affected Versions: Pyftpd version 0.8.4 Description: The issue concerns hard-coded usernames and passwords in the auth db config.py file for the test, user, and roxon accounts. This allows remote attackers to read arbitrary files from the FTP server...

7.5CVSS7.3AI score0.01812EPSS
Exploits0References6
NVD
NVD
added 2010/06/10 12:30 a.m.27 views

CVE-2010-1573

Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username Gemtek and password gemtekswd for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the 1 data1, 2 data2, or 3 data3 parameters to a Debugcommandpage.asp and b debug.cgi...

10CVSS10AI score0.20792EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2010/06/10 12:0 a.m.7 views

PT-2010-3244 · Linksys · Linksys Wap54Gv3

Name of the Vulnerable Software and Affected Versions: Linksys WAP54Gv3 firmware versions 3.04.03 and earlier Description: The issue allows remote attackers to execute arbitrary commands due to the use of hard-coded credentials for a debug interface on certain web pages. Specifically, the...

10CVSS9.7AI score0.20792EPSS
Exploits1References8
Saint
Saint
added 2010/05/25 12:0 a.m.216 views

IBM Cognos Express Server Backdoor Account Remote Code Execution

Added: 05/25/2010 CVE: CVE-2010-0557 BID: 38084 OSVDB: 62118 Background IBM Cognos Express is an integrated business intelligence BI and planning solution which delivers the essential reporting, analysis, dashboard, scorecard, planning, budgeting and forecasting capabilities that midsize companie...

7.5CVSS6.4AI score0.51069EPSS
Exploits9
Saint
Saint
added 2010/05/25 12:0 a.m.41 views

IBM Cognos Express Server Backdoor Account Remote Code Execution

Added: 05/25/2010 CVE: CVE-2010-0557 BID: 38084 OSVDB: 62118 Background IBM Cognos Express is an integrated business intelligence BI and planning solution which delivers the essential reporting, analysis, dashboard, scorecard, planning, budgeting and forecasting capabilities that midsize companie...

7.5CVSS6.5AI score0.51069EPSS
Exploits9
Rows per page
Query Builder