3033 matches found
Hardcoded credentials
VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user...
Hardcoded credentials
IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. IBM X-Force ID: 271220...
PT-2023-8171 · Oracle +1 · Mysql Server +1
Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower Pro affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. The flaw exists within the configuration of a MySQL instance, resulting from...
Hardcoded credentials
NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key...
PT-2023-7601 · Sonicwall · Sonicwall Wan Acceleration (Wxa) 5000 Virtual Appliance
Name of the Vulnerable Software and Affected Versions: SonicWall WAN Acceleration WXA 5000 Virtual Appliance affected versions not specified Description: The issue is related to the use of hardcoded credentials in the virtual device management service. This could allow a remote attacker to bypass...
Hardcoded credentials
Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate and private key. An attacker with access to these items could potentially perform a man in the middle attack between the ACEManager client and ACEManager server...
Hardcoded credentials
EzViz Studio v2.2.0 is vulnerable to DLL hijacking...
Hardcoded credentials
The password for access to the debugging console of the PoWer Controller chip PWC of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip. Vulnerability found on Škoda Superb III 3V3 - 2.0 TD...
CVE-2023-23324
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...
CVE-2023-23324
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...
CVE-2023-23324
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...
Hardcoded credentials
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...
CVE-2023-23324
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...
PT-2023-18906 · Zumtobel · Zumtobel Netlink Ccd Onboard
Name of the Vulnerable Software and Affected Versions: Zumtobel Netlink CCD Onboard versions 3.74 through 3.79 Description: The issue concerns hardcoded credentials for the Administrator account. Recommendations: For Zumtobel Netlink CCD Onboard versions 3.74 through 3.79, update to Firmware 3.80...
CVE-2023-23324
CVE-2023-23324 affects Zumtobel Netlink CCD Onboard: vulnerable in firmware 3.80 with prior 3.74—3.79 releases. The root cause is hardcoded administrator credentials embedded in the device, enabling unauthorized admin access if exploited. Documented impact is severe (admin-level access could lead...
Hardcoded credentials
The FACSChorus software contains sensitive information stored in plaintext. A threat actor could gain hardcoded secrets used by the application, which include tokens and passwords for administrative accounts...
VulnCheck KEV: CVE-2017-8226
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a...
Hardcoded credentials
A flaw was found in libnbd, due to a malicious Network Block Device NBD, a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service...
Hardcoded credentials
Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to a hard-coded JWT Secret. The secret is hardcoded into the source code available to anyone on Git Hub. This secret is used to sign the application’s JWT token and verify the incoming user-supplied tokens...
Hardcoded credentials
SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This vulnerability can lead to the disclosure of information and communications...