8062 matches found
CVE-2026-27507 Binardat 10G08-0800GSM Network Switch Hard-coded Credentials
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows full administrative access to the device...
CVE-2026-27507 Binardat 10G08-0800GSM Network Switch Hard-coded Credentials
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows full administrative access to the device...
CVE-2026-27507
The affected product is Binardat 10G08-0800GSM network switch (firmware V300SP10260209 and earlier). The root cause is hard-coded administrative credentials in the firmware that users cannot change, which grants full administrative access when known. This creates a critical impact on confidential...
PT-2026-21765
Name of the Vulnerable Software and Affected Versions Finka-FK versions prior to 18.5 Finka-KPR versions prior to 16.6 Finka-Płace versions prior to 13.4 Finka-Faktura versions prior to 18.3 Finka-Magazyn versions prior to 8.3 Finka-STW versions prior to 12.3 Description The Finka software suite...
PT-2026-21757
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections...
PT-2026-21752
Name of the Vulnerable Software and Affected Versions Binardat 10G08-0800GSM network switch firmware versions V300SP10260209 and prior Description The Binardat 10G08-0800GSM network switch firmware contains hard-coded administrative credentials that cannot be altered by users. Obtaining these...
CVE-2026-2635
MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the basicauth.ini file. The fi...
CVE-2026-2635 MLflow Use of Default Password Authentication Bypass Vulnerability
MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the basicauth.ini file. The fi...
CVE-2026-2635
MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the basicauth.ini file. The fi...
CVE-2026-2635
MLflow before version 3.8.0 is affected by an authentication bypass (CVE-2026-2635) due to default credentials in basic_auth.ini, allowing remote, unauthenticated attackers to bypass authentication and execute arbitrary code with administrator privileges. Root cause: hard-coded default credential...
CVE-2026-2702
A security flaw has been discovered in Beetel 777VR1 up to 01.00.09. This issue affects some unknown processing of the component WPA2 PSK. Performing a manipulation results in hard-coded credentials. The attacker must have access to the local network to execute the attack. The complexity of an...
SolarWinds Database Performance Analyzer < 2025.3 Hard-coded Cryptographic Key (CVE-2025-26398)
According to its self-reported version, the SolarWinds Database Performance Analyzer DPA installation on the remote host is prior to 2025.3. It is, therefore, affected by a hard-coded cryptographic key vulnerability. If exploited, this vulnerability could allow a machine-in-the-middle MITM attack...
CVE-2026-2702
A security flaw has been discovered in Beetel 777VR1 up to 01.00.09. This issue affects some unknown processing of the component WPA2 PSK. Performing a manipulation results in hard-coded credentials. The attacker must have access to the local network to execute the attack. The complexity of an...
CVE-2026-2702 Beetel 777VR1 WPA2 PSK hard-coded credentials
A security flaw has been discovered in Beetel 777VR1 up to 01.00.09. This issue affects some unknown processing of the component WPA2 PSK. Performing a manipulation results in hard-coded credentials. The attacker must have access to the local network to execute the attack. The complexity of an...
CVE-2026-2702 Beetel 777VR1 WPA2 PSK hard-coded credentials
A security flaw has been discovered in Beetel 777VR1 up to 01.00.09. This issue affects some unknown processing of the component WPA2 PSK. Performing a manipulation results in hard-coded credentials. The attacker must have access to the local network to execute the attack. The complexity of an...
CVE-2026-2702
CVE-2026-2702 affects Beetel 777VR1 (firmware up to 01.00.09). The issue: hard-coded WPA2-PSK credentials in the WPA2 PSK processing component. Consequence: partial confidentiality impact with adjacent-network exposure; no integrity/availability impact per the entry. Exploitability is listed as h...
FLIR Systems AX8 Cameras Use of Hard-coded Credentials (CVE-2018-25138)
FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and...
PT-2026-20594
Name of the Vulnerable Software and Affected Versions Beetel 777VR1 versions up to 01.00.09 Description A security flaw exists in Beetel 777VR1 affecting the WPA2 PSK component. A manipulation of this component can lead to the disclosure of hard-coded credentials. An attacker requires access to t...
CVE-2025-33089
IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information or perform unauthorized actions due to the use of hard coded user credentials...
CVE-2026-2616
A vulnerability has been found in Beetel 777VR1 up to 01.00.09. The impacted element is an unknown function of the component Web Management Interface. The manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the...