3033 matches found
Hardcoded credentials
In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware...
CVE-2022-30318
Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of...
CVE-2022-30318
Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of...
Le-yan Personnel and Salary Management System 信任管理问题漏洞
Le-yan Personnel and Salary Management System is a personnel and salary management system from Le-yan, a Chinese company. A security vulnerability exists in the Le-yan Personnel and Salary Management System, which originates from having hard-coded database accounts and passwords in the site sourc...
Hardcoded credentials
Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg...
Hardcoded credentials
Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain multiple hard-coded passcodes for root. Attackers are able to access the passcodes at /etc/srapi/config/system.conf and /usr/sbin/ssol-sshd.sh...
Hardcoded credentials
TOTOLINK A720R V4.1.5cu.532B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
Hardcoded credentials
TOTOLINK N600R V4.3.0cu.7647B20210106 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
Hardcoded credentials
TOTOLINK A950RG V4.1.2cu.5204B20210112 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
Hardcoded credentials
TOTOLINK A810R V4.1.2cu.5182B20201026 and V5.9c.4050B20190424 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
CVE-2022-36170
MapGIS 10.5 Pro IGServer has hardcoded credentials in the front-end and can lead to escalation of privileges and arbitrary file deletion...
CVE-2022-36170
MapGIS 10.5 Pro IGServer has hardcoded credentials in the front-end and can lead to escalation of privileges and arbitrary file deletion...
CVE-2022-36170
MapGIS 10.5 Pro IGServer has hardcoded credentials in the front-end and can lead to escalation of privileges and arbitrary file deletion...
Hardcoded credentials
MapGIS 10.5 Pro IGServer has hardcoded credentials in the front-end and can lead to escalation of privileges and arbitrary file deletion...
CVE-2022-36170
MapGIS 10.5 Pro IGServer has hardcoded credentials in the front-end and can lead to escalation of privileges and arbitrary file deletion...
CVE-2022-36170
MapGIS 10.5 Pro IGServer is affected by CVE-2022-36170 due to hardcoded credentials in the front-end, enabling privilege escalation and arbitrary file deletion. The NVD record lists CVSS 3.1 base score 8.8 (Network, Low attack complexity, Privileges required: Low, User interaction: None, Scope: U...
Use of Hard-coded Credentials in AgileConfig.Client
Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...
PT-2022-23241 · Unknown · Mapgis 10.5 Pro Igserver
Name of the Vulnerable Software and Affected Versions: MapGIS 10.5 Pro IGServer version 10.5 Description: The issue is related to hardcoded credentials in the front-end of the software, which can lead to escalation of privileges and arbitrary file deletion. Recommendations: For MapGIS 10.5 Pro...
Hardcoded credentials
Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...
Hardcoded credentials
Certain 5400 RPM hard drives, for laptops and other PCs in approximately 2005 and later, allow physically proximate attackers to cause a denial of service device malfunction and system crash via a resonant-frequency attack with the audio signal from the Rhythm Nation music video. A reported produ...